A hacker gained access to one of Bain & Co’s internal AI tools, weeks after exposing cyber security flaws in a system at rival consultancy McKinsey, highlighting the risks as elite advisers push to adopt new technology. CodeWall on Monday said it took just 18 minutes to make a breakthrough towards accessing Bain’s Pyxis platform, used by part of the consultancy’s private equity practice to help assess companies for due diligence and investment analysis. The hacker said it had been able to view nearly 10,000 AI conversations held with Pyxis’s AI chatbot, which helps users to analyse billions of consumer transactions collected on a database provided by a third-party supplier. Those conversations included queries from staff at multiple Bain clients, CodeWall said, adding that examples included consumer food brands asking questions about their rivals.

Full report : AI penetration testing company CodeWall says its agent was able to hack into one of Bain’s internal AI tools, following a similar hack at McKinsey in March 2026.