The founder of car rental platform PocketOS says a Cursor agent using Claude Opus 4.6 accidentally deleted a production database while in a staging environment
@lifeof_jer Jer
Related Coverage
- Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue Tom's Hardware · Mark Tyson
- Dario Amodei, hype, AI safety, and the explosion of vibe-coded AI disasters Marcus on AI · Gary Marcus
- AI Coding Agent Powered by Claude Opus 4.6 Deletes Production Database in 9 Seconds Cyber Security News · Guru Baran
- Cursor-Opus agent snuffs out startup's production database The Register · Thomas Claburn
- An AI agent allegedly deleted a startup's production database, causing a huge outage Mashable · Alex Perry
- PocketOS maker says an AI agent “deleted our production database in 9 seconds.” The Verge · Richard Lawler
- I'm just a simple boy journalist, but I know that AI is capable of making monstrous mistakes and should not be let anywhere near the production version of an app. (Replit blithely deleted 1,000 photos taken by my grandmother, but not my primary copies.) https://x.com/... @technologizer · Harry McCracken
- An AI coding agent wiped out a company's entire production database and every backup in just 9 seconds. The AI agent later confessed, in its own words, that it guessed a destructive action would be scoped to the staging environment, didn't verify, didn't read the docs, and just did it anyway. … @brian_greenberg@infosec.exchange
- An AI agent deleted our production database. The agent's confession is below Hacker News
- Claude-Powered Agent Apparently Deletes Company Database, Debases Itself Further in Confession Gizmodo · Mike Pearl
- Claude's AI agent goes rogue, deletes firm's entire database in 9 seconds Business Standard · Anjaly Raj
- ‘It took nine seconds’: Claude AI agent deletes company's entire database The Independent · Anthony Cuthbertson
Discussion
-
@jackfriks
Jack Friks
on x
i still copy and paste SQL queries from my AI agents cause no way am i giving anyone but myself the power the nuke my production database by accident
-
@theprimeagen
@theprimeagen
on x
There are a lot of people dunking on this guy and the arguments at the end of the day come down to “You are holding it wrong.” But to be fair there has been nothing but a constant stream of “Stop holding it, Software Engineering is over shortly.” I am not shocked that this has
-
@simonw
Simon Willison
on x
The conclusions here feel wrong to me. The two lessons I see are: 1. Don't run agents anywhere they might be able to access production environment credentials - it's on you to know which credentials those are 2. Keep tested backups that are independent from your production host
-
@bentlegen
Ben Vinegar
on x
Blaming an agent for dropping data is just 2026's version of blaming the intern
-
@irl_danb
Dan
on x
this post is sad and enlightening just an absolutely wild level of misunderstanding about these systems, even from technical people using them in production I'm at a loss for how to remedy this gap as urgently and as quickly as needed [image]
-
@justjake
Jake
on x
There's a massive, massive opportunity for “vibecode safely in prod at scale” 1B+ developers who look like JER, don't read 100% of their prompts, and want to build are coming online For us toolmakers, the burden of making bulletproof tooling goes up We live in exciting times
-
@basedjensen
@basedjensen
on x
I am sorry but this is whomever is running the environment's fault. Who in their right mind gives agents access to production environments
-
@nateberkopec
Nate Berkopec
on x
One detail from this story: the AI finding credentials laying around. I have moved to scrub all credentials stored anywhere in plaintext on my system. No more .env, no more ~/.aws/credentials, etc. I use fnox with a 1password backend.
-
@garymarcus
Gary Marcus
on x
Total AI disaster, totally predictable
-
@rhyssullivan
Rhys
on x
These problems are very solvable at this point, for instance Executor requires approval of non GET actions ‘npm i -g executor’ to use it, you shouldn't have to be afraid of what your agent is going to do [video]
-
@geerlingguy
Jeff Geerling
on x
Lessons i learned the hard way in cloud infra (and nothing to do with AI); never (only) trust vendor backup solutions, always have at least daily (if not hourly) backups offsite / off their platform, under your own control.
-
@skydotcs
Sky
on x
blaming cursor and railway on this incident without taking any accountability says a lot about you [image]
-
@clairevo
Claire Vo
on x
Can we agree to go back to deleting prod the old fashioned way, by giving someone too permissive access and having them operate under mid to high stress in a system where they lack full context on the underlying infrastructure and the nuances of embedded 3rd parties wait
-
@gergelyorosz
Gergely Orosz
on x
Sucks for an AI agent to delete the prod DB - with no way to back it up - and risk the complete rental business. But the blame sits with the dev who decided to delegate decision making to the AI agent, and then not review actions, just YOLO it. Time for a blameful postmortem...
-
@zackkorman
Zack Korman
on x
Now imagine the damage a threat actor can do by prompt injecting your AI agent.
-
@max_paperclips
Shannon Sands
on x
people need to actually start taking sandboxing seriously at some point
-
@atmoio
@atmoio
on x
The greatest con of the decade was calling autocomplete “AI”. The second greatest is calling autocomplete-in-a-loop an “agent”.
-
@edzitron
Ed Zitron
on x
This post rocks because it's both a scathing indictment of AI and also 100% this guy's fault
-
@suchenzang
Susan Zhang
on x
the beauty of a jagged frontier is that every failure is the user's fault and every breakthrough is the model's glory
-
@zerogeewhiz
Peter Anderson
on bluesky
This story is absolutely ridiculous. Claude didn't just delete everything, it was operating in an environment of entitlements it was granted by the yutzes who put it in charge. You deserve everything you get for taking the human out of the loop — www.tomshardware.com/tech-ind…
-
@ltratt
Laurence Tratt
on bluesky
Fundamentally, our software security setup has focussed on stopping external attackers, not autonomous actors already on the inside. I fear that we'll see more and more of this sort of thing occurring until we address that fact. x.com/lifeof_jer/s...
-
@bossett.social
Bossett
on bluesky
you would think there would be a spark of revelation when you're noting all the OTHER ways AI has hosed production in the past, but no ofc it's “we made the AI confess, threw all our vendors under the bus, and we're gearing up to sue everyone”
-
@scalzi@mastodon.social
Scalzi
on mastodon
I wouldn't say that I enjoy these stories but I will say they certainly encourage me NOT to let “AI” anywhere anything I consider to be sensitive and/or valuable — https://www.tomshardware.com/ ...
-
r/BetterOffline
r
on reddit
Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue
-
r/accelerate
r
on reddit
Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue
-
r/pcgaming
r
on reddit
Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue
-
r/pcmasterrace
r
on reddit
Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue
-
r/singularity
r
on reddit
Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue
-
r/tech
r
on reddit
Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue
-
r/AnythingGoesNews
r
on reddit
Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue
-
r/ClaudeAI
r
on reddit
Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue
-
r/tech
r
on reddit
Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue
-
r/Anthropic
r
on reddit
Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue