Hacker claims 18-minute breach of Bain & Co AI platform exposes thousands of private consulting conversations and client queries

A hacker accessed one of Bain & Co’s internal AI tools just weeks after revealing cybersecurity flaws in a system at rival consultancy McKinsey, underscoring the risks as top advisors strive to adopt new technology.

As the FT reports, CodeWall said on Monday that it had taken just 18 minutes to gain access to Bain’s Pyxis platform, which is used by part of the consultancy’s private equity practice to help assess companies for due diligence and investment analysis.

The hacker said it had been able to view nearly 10,000 AI conversations held with Pyxis’s AI chatbot, which helps users to analyse billions of consumer transactions collected on a database provided by a third-party supplier.

Those conversations included queries from staff at multiple Bain clients, CodeWall said, adding that examples included consumer food brands asking questions about their rivals.

CodeWall said its autonomous agent had been able to gain access using a username and password that had been written into publicly available web code.

The hacker says it focuses on companies that have published guidelines on how “ethical” hackers should probe their systems for cyber security flaws.

The hacker said it had discovered employee email addresses and security tokens, “meaning an attacker could impersonate any Bain employee” or create new Pyxis account logins.
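The two findings above, credentials written into publicly served web code and reusable security tokens, are exactly what a pre-publish scan of a front-end bundle is meant to catch. The check below is an added example, not code from the article or from any of the firms named; the bundle text and every value in it are constructed for this illustration, and the pattern list is a minimal starting point rather than a complete secret scanner.

```python
import re
from typing import List, Tuple

# Constructed sample of a built front-end bundle (not any real firm's code):
# one password literal, one bearer token, and two benign config lines.
SAMPLE_BUNDLE = """\
const API_BASE = "https://example.invalid/api";
const login = { user: "svc-analyst", password: "Winter2024!" };
fetch(API_BASE, { headers: { Authorization: "Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxIn0.c2lnbmF0dXJl" } });
const theme = "dark";
"""

# (label, regex). Group 1, where present, is the secret value itself.
PATTERNS = [
    ("password-literal",
     re.compile(r'(?:password|passwd|pwd)\s*[:=]\s*["\']([^"\']{4,})["\']', re.I)),
    ("bearer-token", re.compile(r'Bearer\s+([A-Za-z0-9\-_.=]{20,})')),
    ("jwt", re.compile(r'\beyJ[A-Za-z0-9\-_]+\.[A-Za-z0-9\-_]+\.[A-Za-z0-9\-_]+')),
]


def redact(value: str) -> str:
    """Keep a short prefix so a finding can be located without re-leaking it."""
    return value[:3] + "***"


def scan_bundle(text: str) -> List[Tuple[int, str, str]]:
    """Return (line_number, label, redacted_value) for each credential-like literal.

    A value matched by more than one pattern on the same line is reported once,
    under the first pattern that matched it.
    """
    findings = []
    seen = set()
    for lineno, line in enumerate(text.splitlines(), start=1):
        for label, pattern in PATTERNS:
            for m in pattern.finditer(line):
                value = m.group(m.lastindex or 0)
                if (lineno, value) in seen:
                    continue
                seen.add((lineno, value))
                findings.append((lineno, label, redact(value)))
    return findings


def check_bundle(text: str) -> bool:
    """True when the bundle is clean; meant to gate a deploy step."""
    return not scan_bundle(text)


if __name__ == "__main__":
    for lineno, label, value in scan_bundle(SAMPLE_BUNDLE):
        print(f"line {lineno}: {label} -> {value}")
```

Run as a build step, a non-empty result from `scan_bundle` should fail the pipeline before the bundle is published; the real fix is moving the secret server-side, not just removing the literal.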

Bain said it “immediately investigated” the issue with support from external cyber security specialists once alerted by CodeWall, and “quickly resolved the issue”, putting extra security in place.

“We fundamentally disagree with how [CodeWall] has characterised the nature of the platform and the scope of the issue,” the firm added.

Bain said Pyxis aggregates third-party data but “does not store proprietary data and operates independently from our core client . . . systems”. “No pathway exists for access to client proprietary data or sensitive business information,” the firm said.

CodeWall noted most of Bain’s systems were “locked down cleanly”, meaning it had been unable to access them.

The hack follows a similar one at McKinsey last month, in which CodeWall identified flaws in an in-house AI system. McKinsey said it had fixed the issue “within hours”.

CodeWall this month said a “basic” vulnerability in Boston Consulting Group’s IT systems had allowed it to access and alter some data within a tool used by the consultancy’s analysts.

BCG said the flaw identified in its systems was fixed, “remediated within hours” and “was related to an isolated data warehouse hosting only publicly available and anonymised licensed data”. It added: “No confidential client or sensitive BCG information was at risk.”

The vulnerabilities in parts of the prestigious consulting firms’ cyber defences underscore the risks that come with their rapid adoption of AI and push to advise clients on how to use the technology.

Bain last year partnered with prominent computer scientist Andrew Ng and Palantir to help advise its clients on AI transformations, while BCG has said it expects to generate 40 per cent of its revenues in 2026 from helping corporations integrate AI into their businesses.

Paul Price, CodeWall’s founder and chief executive — and its only employee — said he had targeted the consultancies after reasoning that the businesses were likely to have “critical vulnerabilities” in their AI-powered platforms.

In its report on its BCG hack, CodeWall blamed the issues on strategy consultants’ fast-paced development of AI, “widening the gap between how quickly things are built and how thoroughly they’re tested”.

Joshua Fenwick

Crime & Justice Correspondent