
The information displayed in the AIM should not be reported as representing the official views of the OECD or of its member countries.
Hackers from TeamPCP stole 450 repositories containing Mistral AI's proprietary source code and training data, threatening to leak them online if not sold. Mistral AI confirmed a breach linked to SDK contamination but stated core systems and user data were unaffected. The incident involves significant intellectual property harm.[AI generated]
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system's development environment, with hackers stealing AI-related source code and internal repositories. The breach and threat to leak proprietary AI code represent a violation of intellectual property rights, which is a recognized harm under the AI Incident definition. The involvement of AI systems is clear, as the stolen data relates to AI model training and deployment. The harm is realized (data theft) and ongoing (threat of leak), thus qualifying as an AI Incident rather than a hazard or complementary information. The company's confirmation of SDK contamination further supports the direct involvement of AI systems in the incident.[AI generated]