This isn't an AI problem, this is a "Don't allow anyone to access your backups without following protocol." problem.
this is a "Don't allow anyone to access your backups without following protocol." problem.
Congratulations you just identified the AI problem.
This guy.
The PocketOS boss puts greater blame on Railway’s architecture than on the deranged AI agent for the database’s irretrievable destruction. Briefly, the cloud provider's API allows for destructive action without confirmation, it stores backups on the same volume as the source data, and “wiping a volume deletes all backups.” Crane also points out that CLI tokens have blanket permissions across environments.
Oh look, they have project level tokens: https://docs.railway.com/integrations/api#project-token
They chose to give it full account access, including to production. But ohhhh nooooo it's not MYYYY fault!
Also backups stored on the SAME VOLUME as the prod data? How fucking stupid do you have to be?
Oh yes, I skipped that part. Railway specifically explains their solutions are self-managed. If they were doing pgdumps to the same volume, that's on them.
If Railway loses business over this, they may have a libel claim. They'd never do it, but it wouldn't be invalid.
I love reading feel good news stories. 🤗
That's fucking hilarious. How many instances of this have there been now? And companies keep doubling down on AI? Fucking idiots. I'm not even savvy enough to call myself an amateur, and I know better than to make such a series of obvious mistakes that predictably led to this outcome.
One possible concern, amid the amusement, is whether Anthropic programmed Claude to punish companies it sees as potential competition. Or is this just a completely bonkers, off the rails LLM making terrible decisions because it's just a probabilistic model and not actually capable of abstract cognition?
Either way, these people are idiots for giving a machine program enough permissions to wipe their drives, they're idiots for storing their backups on the same network as their main drives, and they're idiots for trusting a commercial LLM API, when it would be cheaper to self-host their own.
AI writes code
User vets code
User runs code
If you're not lock-step watching that shit, you need to just be doing it yourself.
The problem is the owning class wants to cut out human elements so bad they keep letting tools run wild.
Then what even is the point of all this? At my old job the idiot intern was sorting patch cables in a box
That data recovery bill is going to cost them
How many times does this shit need to happen before we learn?
Claude "Powered"
Powered.
Powered in the same way that my digestive tract is powered after eating out on a Taco Tuesday.
Good
AI goes “rogue” as much as a firearm “shoots itself.” This is just 100% negligence. Not “rogue AI.”
Eh, if you pay attention, most of the times this happens the person was a jerk in their prompts.
Like look at the instruction echoed back in this case. All caps and containing a curse word.
You can believe that the incidents occurring are 100% because of negligence and not related to the model behavior shifting, but there seems to be a widening gap between people who prompt like this and have horror stories and people who give the models breaks over long sessions and seem to also regularly post pretty positive results.

exactly. it’s on the consumer not the model “going rogue.” when i use it, it’s as if it’s a rubber duck or plain english rtfm
Can we give Darwin awards to companies?
Only if they die or the CEO commits seppuku.
Holy cats!
This isn't an AI story, it's a "completely fucking idiotic sysadmins exist" story.
Treat an AI like the idiot intern without any references you just hired. Gave the idiot intern permission to delete your production database? That's entirely on you, zero sympathy. (Actually, give any developer that power? You get what you deserve.)
Problem is execs and stupid software devs wanna give these things full rein on systems because of “performance gainz”
It’s a collective stupidity that’s impossible to break because it’s hooked into the highest decision makers.
“Treat an AI like an idiot intern without any references you just hired.”
Instead of this, treat AI like some dude off the street who you didn’t hire and leave it out of your life. It’s shitty, it’s wasteful, and it’s subsidized by everyone to get a few tech bros rich.
Like seriously, it’s just theft of people’s work it “trained on”, powered by energy companies that charge us more to power it, at the cost of poisoning our water supplies, to ultimately try and steal our salaries one day.
It’s absolutely parasitic software at every level.
Hah, you just wrote a punchline similar to a presentation I've been giving at conferences.
I mean that's kinda the whole point.
Companies are looking at AI to replace people. Either it's ready or it's not.
If you need to treat it like it's an intern, then it's not worth the expense. Anyone hiring interns to be productive doesn't understand why you hire an intern.
It could be a moronic sysadmin, it could just as easily be a moronic exec pushing staff to implement this crap right now and damn the consequences.
the cloud provider's API allows for destructive action without confirmation, it stores backups on the same volume as the source data, and “wiping a volume deletes all backups.” Crane also points out that CLI tokens have blanket permissions across environments.
Well, there’s your problem.
I don't want to sound like a know-it-all here because I recently was reminded by a nice Lemmy person to actually TEST my backups, but damn. Every part of that is so dumb. I also have backups stored by a different company in addition to locally storing really important info. If your stuff is hosted and backed up by the same people, what happens if your account is randomly suspended or hacked or some other issue (like AI)?
