Incident Watch

Grok API Key Leak Exposes xAI Models to Major Security Risks

A leaked Grok API key exposed 52 xAI models. See how it happened, what’s at risk, and how to prevent similar AI security incidents.

What Happened: A Department of Government Efficiency staffer accidentally exposed a sensitive API key linked to xAI’s Grok in a public GitHub repository. This leak grants access to at least 52 of xAI’s large language models. 

In Depth: 

  • On July 13th, an employee from the Department of Government Efficiency unintentionally committed a script titled “agent.py” to a public GitHub repository, leaking a valid Grok API key in the process
  • Contained within the code was a private API key granting access to xAI’s LLM systems. Although the script was subsequently taken down, the API key remains active. 
  • This incident is not without precedent. Earlier this year, another xAI internal API key was exposed on GitHub for nearly two months. That leak potentially compromised access to LLMs and sensitive internal data associated with SpaceX, Tesla, and Twitter/X.

Why This Matters: 

  • The exposed Grok API key may have granted unrestricted access to xAI’s underlying models—posing a critical risk to national security and enterprise AI integrity. If exploited, such access could enable:
    • Fake government alerts or emails
    • Phishing attacks with highly believable language
    • Dissemination of disinformation at scale

Taking a Step Back: 

  • Shadow AI is the new insider threat: As organizations increasingly adopt generative AI across departments, insider threat is evolving. This Grok incident highlights the ease with which internal systems, tools, and data can be unintentionally exposed. Today, even well-meaning employees can introduce serious vulnerabilities into an organization’s infrastructure. For example, analysts may paste customer data into ChatGPT, or a product team might ask Gemini to build a six-month roadmap with company IP. Each of these actions may seem harmless or even helpful in the moment, but at scale, they represent a growing, decentralized security gap. 

General Strategies for Safe AI Usage:

  • Establish clear AI use policies: Define what tools are approved, what kinds of data can and cannot be used, and who has authority to deploy AI systems
  • Provide sanctioned and secure AI environments for employees to use productively without risking exposure
  • Regularly train staff on AI risk
  • Perform regular security reviews and audits on all AI integrations

For Obsidian Customers:

  • Deploy Obsidian’s browser extension to block unauthorized access to Grok and any other unsanctioned or risky AI tools: 
    • Monitoring integration risk to your SaaS apps 
    • See real-time GenAI app usage analytics
    • Restrict browser access to unauthorized AI apps
Get a comprehensive inventory of all AI apps in your environment and the risk associated with each.
Download Now

Get Started

Start in minutes and secure your critical SaaS applications with continuous monitoring and data-driven insights.

get a demo