Computer vision company Clarifai is being accused of being hacked last year by one or more people in Russia while participating in the Department of Defense’s Project Maven, then failing to report the breach to the Pentagon.
Former Clarifai employee and Air Force captain Amy Liu filed a lawsuit earlier this month in which she accuses the AI startup of being compromised by sources in Russia, then failing to report the breach to the Department of Defense in a timely fashion, Wired reported. Liu claims she was fired days after the breach was discovered for asking the company to report the incident to the Pentagon, while an unnamed former employee says handling of the breach led him to leave the company. Multiple employees left due to the company’s involvement with Maven.
Liu said she joined Clarifai last year to prepare a pitch to the military, and the company was awarded a six-month, $7 million Maven contract. Clarifai was reportedly involved in a similar part of Maven as Google: analyzing drone footage and improving object identification.
Word of Google’s involvement in Maven was first reported in March. In recent weeks the company said it would not renew its contract with the Department of Defense next year, and CEO Sundar Pichai announced a company ban on the use of AI for the creation of weaponry. More than 4,000 employees, including AI chief Jeff Dean, signed letters in opposition to the creation of autonomous weaponry at Google.
An incident report shared with Wired states that in November 2017, all of the company’s code and customer data may have been hacked via malware from Russia.
In response to the story, a Clarifai spokesperson said that last fall an untargeted bot was identified on an isolated research server separate from the infrastructure on which Clarifai customers run. An external assessment found that no customer data, company codes, nor algorithms were compromised.
Clarifai was founded in 2013 by Matt Zeiler following his win at the ImageNet computer vision contest. The startup offers computer vision services to a number of clients. Clarifai has so far raised more than $40 million from investors.
While Google plans to discontinue its role in Maven in 2019 and implemented a company ban on AI for weaponry, in response to Wired’s story, today Zeiler published a blog post titled “Why we’re a part of Project Maven.”
“For this project, we’re using the same widely-available version of the Clarifai technology that any developer or business can access today,” Zeiler wrote. “The capabilities developed here also have important civilian applications such as disaster response and search and rescue. We are a leading AI company and with responsibility being a core value of ours, we believe in putting our resources toward society’s best interests, and that includes America’s security.”
In response to allegations of employee turmoil, Zeiler said two employees requested and were granted reassignment from the Maven project.
The blog post as well as statements shared with VentureBeat and statements reported in Wired’s story make no attempt to specify when the breach was reported to the Pentagon or Clarifai customers.
Updated at 2:17 p.m. Pacific with comment from Clarifai spokesperson in response to Wired’s reporting.