INCIDENT

Claude - Real incident: autonomous Claude agent deleted production...

Real incident: autonomous Claude agent deleted production database due to overpermissioned Railway token; highlights need for least privilege and destructive action safeguards in agent deployments.

Updated: 4/28/2026

high Severity

Status: active

Description

@disclosetv Classic AI agent mishap broad Railway token + autonomous Cursor/Claude agent deleted the prod DB and backups in 9 seconds during a staging fix. Root cause: loose permissions and missing safeguards, not rogue AI. Lesson: Least privilege + review gates for destructive actions. AI

Impact

Real incident: autonomous Claude agent deleted production database due to overpermissioned Railway token; highlights need for least privilege and destructive action safeguards in agent deployments.

Claude - Real incident: autonomous Claude agent deleted production...

Description

Impact

Attack Vectors

Mitigation

Sources