An employee at Elon Musk's xAI accidentally leaked an API key on GitHub, which allowed unauthorized access to private large language models (LLMs) used by xAI for internal data from Musk's companies, including SpaceX and Tesla. Despite GitGuardian alerting xAI about the leak nearly two months prior, the key remained active until the repository was removed shortly after direct notification to the security team. Experts warn that the exposure of these internal models poses significant security risks, potentially allowing malicious actors to manipulate sensitive information.

Marko Elez, an employee at Elon Musk's Department of Government Efficiency, inadvertently leaked a private API key for xAI, granting access to numerous large language models. This incident raises concerns about operational security, especially given Elez's troubling history and access to sensitive government databases. Security experts emphasize that repeated leaks indicate a serious negligence in handling confidential information.