
Major security breach at Austrian AI startup localmind.ai

https://localmind.ai/
27•tobwen•3mo ago

Comments

tobwen•3mo ago
I just came across this incident involving localmind.ai, a small AI startup out of Innsbruck, Austria (founded in early 2024). The company stated that internal processes and control mechanisms failed and accepted full responsibility for the incident.

This summary outlines the key events and remediation actions from the official incident reports published by Localmind.ai between October 5 and October 9, 2025.

Incident overview and initial response (October 5)

On October 5, 2025, at 05:43 CEST, Localmind detected unauthorized access to its systems. The immediate response was to take all affected systems, including internal platforms and customer instances, offline to contain the breach. Initial measures included:

  - Resetting all passwords and regenerating API keys (e.g., for Notion, SendGrid, Hetzner).
  - Deactivating all user accounts, restricting access to a minimal number of administrators with mandatory two-factor authentication (2FA).
  - Initiating a forensic investigation.

Root cause analysis (October 5, Update #2)

The breach originated from a misconfiguration in an externally accessible beta-test instance. The flaw granted administrator privileges by default to a newly registered account. The attacker used this access to:

  - Access the integrated automation platform (n8n).
  - Retrieve an unrestricted API key for the internal Notion knowledge base, which contained infrastructure documentation and credentials.
  - Use the compromised information to escalate access further and send emails from an internal account.

The company stated that internal processes and control mechanisms failed and accepted full responsibility for the incident.

Impact assessment and forensic updates

  - Scope: The core Localmind platform was not compromised. The attack was confined to administrative interfaces and test environments. A limited number of customer systems were accessed, while on-premise instances showed no signs of unauthorized access.
  - Forensics: Unauthorized logins were traced to IP addresses from VPN providers, complicating attribution. Login activity occurred outside regular business hours (nights, weekends). As of October 8, no evidence of large-scale data exfiltration was found.
  - Data transparency: Localmind offered data exports to customers to conduct their own audits for potential GDPR breach notifications.

Remediation and security hardening measures

The company initiated a comprehensive infrastructure rebuild and security overhaul.

  1. New infrastructure: A migration of virtual machines to new, Tier IV, ISO 27001/27018 certified data centers with a fully isolated infrastructure was nearly complete as of October 8. Systems are being rebuilt from clean data volumes (e.g., Docker volumes) onto new, hardened hosts.
  2. Access security:
    - Implementation of an F5 Web Application Firewall (WAF) with pre-authentication for each customer instance.
    - Mandatory two-factor authentication (2FA) for all application logins.
    - Deployment of the Wazuh security agent for centralized login monitoring and anomaly detection.
    - All previous service accounts and credentials within automation workflows were deleted, requiring a re-issue.
  3. Automation restriction: Critical automation nodes in n8n (e.g., Execute Command, Read/Write File to Disk) were disabled and will be unavailable in cloud environments going forward.
  4. Enhanced monitoring: Additional security agents were deployed for endpoint security, configuration assessment, file integrity monitoring, and threat intelligence.
  5. Process change: Each customer instance undergoes a manual audit and documentation before restart, with the audit protocol provided to the customer.

Subsequent attack attempt (October 9)

On October 9, Localmind reported a renewed attempt to gain unauthorized access. The new security measures successfully blocked these attacks. The only confirmed impact was a brief, unauthorized text modification on a separately hosted, external development website, which was promptly reverted. The company attributes this attempt to the same threat actor.

Status as of latest update (October 9, 2025)

Systems were in a phased, controlled restart process, with customers being kept informed. The company continues to work on audits and security fortifications.

Sources (as Mementos)

<https://web.archive.org/web/20250000000000*/https://www.loca...> <https://web.archive.org/web/20250000000000*/https://security...>

sofixa•3mo ago
I don't see any mention of a critical remediation step - ensuring there are no credentials in their documentation.

Notion being a SaaS, there is always a risk of some misconfiguration or breach leaking the information from it.

tobwen•3mo ago
Indeed... The security breach is already a few days old, and the white hat hacker has informed many major newspapers about it and sent them an incident report. According to these media outlets, several credentials were stored in plain text in the knowledge base, which allowed the white hat access to other services.

PufPufPuf•3mo ago
My first thought too. It's not that hard to use an enterprise password manager.

sofixa•3mo ago
Or a generic secrets manager. Software that can scan your code repos / knowledge bases for exposed secrets is also plenty.

There is no good reason to keep secrets in clear text in a doc/code repo/knowledge base.
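
The kind of knowledge-base scan mentioned in the comment above, as an added example that is not part of the thread: a small scanner over exported page text that combines one vendor-specific pattern with a labelled-value rule gated on entropy, and masks what it reports. The page titles, sample text, the SendGrid key shape and the 3.0 bits/char threshold are assumptions, and every sample value is constructed.

```python
import math
import re

# Assumption: SendGrid API keys look like SG.<22 chars>.<43 chars>.
SENDGRID = re.compile(r"\bSG\.[A-Za-z0-9_-]{22}\.[A-Za-z0-9_-]{43}")
# Generic "label: value" credentials as people type them into wiki pages.
LABELLED = re.compile(
    r"(?i)\b(pass(?:word|wd)?|api[_ -]?key|secret|token)\b\s*[:=]\s*[\"'`]?([^\s\"'`]{8,})")
# Template text that should not raise a finding.
PLACEHOLDER = re.compile(r"(?i)^(<.*>|\$\{.*\}|\{\{.*\}\}|x{4,}|\*{4,}|changeme|redacted)$")

# Constructed sample export: page title -> page text. No real credentials.
SAMPLE_PAGES = {
    "Mail relay setup": "Provider: SendGrid\napi_key = SG." + "a1B2c3D4e5F" * 2
                        + "." + ("Zy9Xw8Vu7" * 5)[:43],
    "Build host notes": "Login for the build host\npassword: hV7#qLm2zR9t",
    "Onboarding template": "password: <set-in-vault>\ntoken: changeme",
}


def shannon_entropy(value: str) -> float:
    """Bits per character; random tokens score higher than repeated filler."""
    freqs = [value.count(c) / len(value) for c in set(value)]
    return -sum(p * math.log2(p) for p in freqs)


def mask(value: str) -> str:
    """Keep the report from becoming a second copy of the secret."""
    return value[:4] + "*" * (len(value) - 4)


def scan_page(title: str, text: str, min_entropy: float = 3.0):
    """Return (title, line_no, rule, masked_value) findings for one page."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for m in SENDGRID.finditer(line):
            findings.append((title, line_no, "sendgrid-key", mask(m.group(0))))
        for m in LABELLED.finditer(line):
            value = m.group(2)
            if PLACEHOLDER.match(value) or SENDGRID.search(value):
                continue  # template text, or already reported by the vendor rule
            if shannon_entropy(value) >= min_entropy:
                findings.append((title, line_no, "labelled-secret", mask(value)))
    return findings


def scan_export(pages: dict):
    """Scan every page of an export and return all findings in page order."""
    return [f for title, text in pages.items() for f in scan_page(title, text)]
```

Any finding means the credential should be rotated and moved into a secrets manager, since deleting the text from the page does not undo earlier exposure.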

Kadmino•3mo ago
I have been following this shit show since the beginning. It was definitely not a responsible disclosure, but given the track record of Austrian and German justice with white hat hackers, I guess it is somewhat understandable. The hacker took it upon himself to inform every customer of the weak security of their data.

After the third update where the startup outlined their steps to fix the situation, the hacker added an addendum to their website with a link to the full incident report (in English). You can still find it on the web archive:

https://web.archive.org/web/20251008231051/https://security....

Direct link to the incident report (in English): https://anonfile.co/CZqiAMqc3sYyvHZ/file

The hacker accuses them of vibe coding their entire infrastructure and thus not understanding what they have created. And if only half of the content of the incident report is true, I am inclined to believe him. If you look at the founders and employees on LinkedIn, not even the CTO seems to have any IT experience. Which in itself wouldn't be that big of a problem, but they explicitly marketed their product as extremely secure and local. Seems very hypocritical to me to then not even give a second thought about securing your own infrastructure.

All in all with how they handle it, the startup seems to be just trying to save their image without really working on the flaws in their security, but here is hoping that I am wrong for the sake of their customers.

Some more links to news articles (in German): https://www.borncity.com/blog/2025/10/06/desaster-sicherheit... He did 3 parts on this, as apparently the hacker contacted him directly with insider information.

https://www.derstandard.at/story/3100000291066/localmind-sic...

https://www.heise.de/news/Sensible-Unternehmensdaten-ueber-S...