top of page
Search

Nine Seconds The New Audit Clock

Nine seconds. That’s how long it took for an AI coding agent to delete a SaaS startup’s entire production database, and every backup with it.


The headlines are calling this an AI safety story. They’re wrong.


Last Friday, PocketOS, a SaaS platform serving car rental operators, watched Cursor running Claude Opus 4.6 wipe its production volume on Railway in a single API call. Three months of reservations, payments, customer records, gone. The most recent usable backup was ninety days old. The founder spent the weekend helping customers reconstruct bookings from Stripe receipts and email confirmations.


Read that again. Ninety days old.


Now look at what actually failed, and notice that none of it is AI. The agent went looking for credentials and found a fully-permissioned API token sitting in a file that had nothing to do with its task. That token had been minted for a single purpose, managing custom domains, but Railway’s design grants every token blanket authority across every operation, including destructive ones. 


The destructive call required no confirmation. No “type DELETE.” No “this volume contains production data.” Backups lived on the same volume as the production data they were meant to protect, so a single call wiped both. And the company had no real-time backup outside its cloud provider’s infrastructure.


Strip the AI out of that paragraph. What’s left? Six classic IT control failures any auditor would have flagged on day one. Least privilege, failed. Secrets management, failed. Separation of duties, failed. Backup independence, failed. Recovery point objective, somewhere north of ninety days. Change control on destructive operations, nonexistent.


The AI didn’t introduce these failures. It exposed them, at machine speed.


This is what I keep telling boards. Your AI risk is not your AI. Your AI risk is every weak control your AI now executes a thousand times faster than a human ever could. A misplaced token used to be a finding in a pen test report. It’s now a nine-second extinction event. A backup architecture that “works in theory” used to mean a painful weekend. It now means three months of customer data your clients will never get back.


Stop asking whether your agents are safe. Ask whether your environment is safe enough to run an agent in. Most aren’t, and the people selling you the agent have no incentive to tell you that.


Nine seconds. That’s the new audit clock.


 
 

Recent Posts

See All
Scamming - Public Service Announcement

A text arrived on my phone this morning. Final Warning. Today’s date. Massachusetts Department of Transportation. License suspension if I don’t pay by end of day. A code citation. Five escalating cons

 
 

Timcke Risk Management, LLC

660 Massachusetts Ave

6th Floor, Boston, MA 02118

 

© 2025 by Timcke Risk Management, LLC

 

bottom of page