Artificial Intelligence (AI) company Hugging Face disclosed an unauthorized access incident on its Spaces platform earlier this week, raising concerns about the security of its AI applications and services. The company suspects that a subset of Spaces’ secrets may have been accessed without authorization, prompting immediate action to mitigate potential risks. Spaces, a platform that enables users to create, host, and share AI and machine learning (ML) applications, also serves as a discovery service for accessing AI apps made by other users.
In response to the security breach, Hugging Face is revoking a number of HF tokens present in the compromised secrets and notifying affected users via email. The company recommends users to refresh their keys or tokens and consider transitioning to fine-grained access tokens as a precautionary measure. Despite efforts to address the breach, Hugging Face has not disclosed the exact number of impacted users, indicating that the incident is under ongoing investigation.
The security incident comes amidst the burgeoning growth of the AI sector, with AI-as-a-service (AIaaS) providers becoming prime targets for malicious actors seeking to exploit vulnerabilities for nefarious purposes. In April, cloud security firm Wiz highlighted security issues in Hugging Face’s platform that could allow adversaries to gain unauthorized access and manipulate AI/ML models through CI/CD pipelines. Similarly, previous research by HiddenLayer revealed vulnerabilities in Hugging Face’s Safetensors conversion service, posing risks of AI model hijacking and supply chain attacks.
The potential repercussions of a security breach on Hugging Face’s platform are significant, as attackers could gain access to private AI models, datasets, and critical applications, posing widespread damage and supply chain risks. The incident underscores the imperative for AI companies to prioritize robust security measures to safeguard sensitive data and maintain trust among users. As investigations continue, Hugging Face remains vigilant in its efforts to bolster security protocols and mitigate future risks to its platform and user community.
