I've got no idea who codewall is. Is there acknowledgment from McKinsey that they actually patched the issue referenced? I don't see any reference to "codewall ai" in any news article before yesterday and there's no names on the site.

https://www.google.com/search?q=codewall+ai

▲

rzmmm 8 hours ago | parent | next [-]

Yeah can't find much information either. I would like to see at least some proof. Either via Mckinsey or from the security team.

▲

6 hours ago | parent | prev | next [-]

[deleted]

▲

darkport 2 hours ago | parent | prev | next [-]

We’re pretty new! :) They didn’t want to provide comment on our post but they did offer comment via The Register.

▲

doron 8 hours ago | parent | prev | next [-]

it is weird isn't it? The register article implies that it's acknowledged by McKinsey- https://www.theregister.com/2026/03/09/mckinsey_ai_chatbot_h...

Edit: Apparently, this is the CEO https://github.com/eth0izzle

	▲	sigmar 7 hours ago \| parent [-]
		>A McKinsey spokesperson told The Register that it fixed all of the issues identified by CodeWall within hours of learning about the problems. Ah. Thanks for the link. I'm suspicious of everything posted to a blog without proof these days.

▲

eisa01 7 hours ago | parent | prev | next [-]

If it's true that there's 58k users in the dump, that would mean former employees are in the dump

I assume that means McKinsey would need to disclose it, or at least alert the former employees of the breach?

▲

philipwhiuk 6 hours ago | parent | prev [-]

There's a responsible disclosure timeline at the bottom indicating they'd all been fixed.