Hugging Face has disclosed a data breach impacting the Spaces platform, a place where developers can create, share and host various artificial intelligence (AI) models and resources.
In a announcement On the community website, the company said it had detected unauthorized access to its Spaces platform, “specifically related to Spaces secrets.”
“As a result, we suspect that some of Spaces’ secrets could have been accessed without authorization,” the message said.
Migrate to fine-grained access tokens
To address the issue, the team did what was expected: revoked some of the Hugging Face tokens present in the secrets and notified the affected individuals of the change. It also reported the incident to law enforcement and data protection authorities.
Unfortunately, Hugging Face did not say how many people may have been affected by the breach.
In addition to those who were notified directly, Hugging Face advised everyone to renew any key or token they might have, and even consider converting the tokens into fine-grained access tokens that it already considers the new standard.
“We are working with third-party cybersecurity forensic specialists to investigate the issue and review our security policies and procedures,” the notice said.
Hugging Face is a company and open source community focused on natural language processing (NLP) and machine learning. It is known for its transformative work in making cutting-edge NLP models accessible and easy to use. As such, it is often targeted by threat actors looking to compromise various AI models.
For example, in recent days, Hugging Face has made “significant improvements to the security of the Spaces infrastructure,” including completely removing organization tokens (resulting in improved traceability and audit capabilities), implementing a key management service (KMS) for Spaces secrets, strengthening and expanding our system’s ability to identify leaked tokens and proactively invalidate them, and more generally improving our security across the board.”
The company also plans to completely phase out “classic” read and write tokens once fine-grained access tokens reach feature parity.