Exposed AWS Credentials Lead to AI-Assisted Cloud Breach in 8 Minutes

Researchers recently tracked a high-speed cloud attack where an intruder gained full admin access in just eight minutes. Discover how AI automation and a simple storage error led to a major security breach.

On 28 November 2025, experts from the Sysdig Threat Research Team (TRT) watched an attacker take over a company’s cloud environment in record time. While we usually think of cyber attacks as slow, systematic processes, this person managed to gain total control in just eight minutes.

The Break-In

It all started with a simple mistake. The hacker found test credentials left in a public digital storage area, known as an S3 bucket. These buckets act like online folders, but this one was accidentally left open. Researchers noted that the buckets even had AI in their names, making them easy targets for anyone searching for data to steal.

Interestingly, the stolen account already had a ReadOnlyAccess policy ...