CodeWall reported that its autonomous agent exploited vulnerabilities in McKinsey's Lilli AI platform and obtained unauthorized read and write access to production systems, allegedly exposing internal chat messages, files, user accounts, and prompts. McKinsey confirmed the vulnerability and said it fixed the issue within hours, but said it found no evidence that client data or client confidential information were accessed.