OTTAWA, ON — Organizations around the world are racing to deploy artificial intelligence to strengthen cybersecurity defenses, accelerate investigations, identify vulnerabilities, and improve decision-making.

But what happens when the AI itself becomes the security risk?

That question is at the center of a growing investigation after reports emerged that unauthorized individuals may have gained access to SENTINEL-X, one of the world’s most advanced cybersecurity AI platforms.

Sentra Dynamics, the company behind the restricted model, confirmed this week that it is investigating claims that a small group of individuals accessed the platform without formal authorization.

The allegations first surfaced on a private online forum where users reportedly discussed access to the system, which is currently available only to a limited number of organizations operating in the technology, financial services, and critical infrastructure sectors.

In a statement, Sentra Dynamics emphasized that there is currently no evidence its internal infrastructure was breached. The company stated the investigation appears to involve a third-party vendor environment rather than its own systems.

For many cybersecurity professionals, however, that distinction may be the most concerning part of the story.

According to sources familiar with the matter, the individuals involved may have obtained access through an organization that already possessed legitimate permissions to use the model.

If confirmed, the incident would not represent a traditional cyberattack.

Instead, it would represent something many security leaders increasingly fear: a breakdown in how access to highly sensitive AI systems is governed, monitored, and controlled.

“This isn’t really a story about one AI platform,” said one AI governance advisor who spoke with ODTN News.

“It’s a story about every organization currently trusting AI to protect critical assets.”

SENTINEL-X is not a general-purpose chatbot.

The platform was reportedly developed specifically for cybersecurity applications and has demonstrated the ability to identify vulnerabilities, analyze attack paths, assist with penetration testing, and accelerate defensive security operations.

Those capabilities are precisely why access has remained tightly restricted.

Yet experts warn that as organizations rapidly adopt AI, many remain focused on what the technology can do while spending less time evaluating how the technology itself is secured.

Most organizations routinely ask questions such as:

Is our network secure? Is our data secure? Is our infrastructure secure?

Far fewer ask:

Who has access to our AI? Who can grant access? What can the model see? What actions can it perform? And how would we know if someone accessed it who shouldn’t?

“If unauthorized access is possible here, leaders need to ask a difficult question,” said the advisor.

“What is preventing the same thing from happening in their environment?”

The incident is also drawing attention to a growing challenge facing organizations across every sector: third-party risk.

Many organizations invest heavily in securing their own environments while extending trusted access to vendors, contractors, consultants, and service providers.

Security professionals say those trusted relationships are increasingly becoming attractive targets for threat actors.

The investigation arrives as organizations continue integrating AI into security operations centers, incident response workflows, vulnerability management programs, software development pipelines, and executive decision-making processes.

Experts say the pace of adoption has outperformed the pace of governance in many environments.

As a result, some organizations may now possess AI systems with access to significant amounts of sensitive information without fully understanding how those systems should be secured, monitored, or tested.

That reality is prompting renewed calls for tabletop exercises, AI governance reviews, access control assessments, and simulations focused specifically on AI misuse and unauthorized access scenarios.

“Most organizations have tested what happens if a server fails,” said another cybersecurity consultant.

“Very few have tested what happens if their most powerful AI system is accessed by someone who shouldn’t have access.” or what that access even looks like.

Security leaders warn that AI is quickly becoming more than a productivity tool. It is becoming a critical business asset. And like any critical asset, it must be protected accordingly.

For years, organizations have viewed artificial intelligence as a tool that helps secure everything else.

The incident involving SENTINEL-X suggests a new reality may be emerging.

The question is no longer whether AI can help defend organizations.

The question is whether organizations are prepared to defend the AI itself.

Because if one of the world’s most restricted cybersecurity models can allegedly be accessed through a trusted relationship without triggering immediate alarms, security leaders may need to ask a difficult question:

If that AI wasn’t secure, what makes us think ours is?

Watching the perimeter — and what slips past it. — Ayaan Chowdhury

TORONTO, ON — A dispute between a customer and Maple Crest Financial is drawing attention from cybersecurity professionals after the institution reportedly concluded that a series of disputed transfers were properly authenticated using facial verification technology, despite the customer maintaining he never approved them.

According to documents reviewed by ODTN News, approximately $15,000 was transferred from the customer’s account over several hours before the activity was discovered.

Maple Crest Financial has stated that its investigation found no evidence of a compromise of the bank’s systems and determined that the transactions were completed using the customer’s registered device and successfully authenticated through facial verification controls.

The customer disputes those findings.

The case is raising questions that extend far beyond a single account.

For years, financial institutions have encouraged customers to move away from passwords in favor of biometrics such as facial recognition, fingerprints, and passkeys. These technologies were designed to improve both convenience and security. However, cybersecurity experts say advances in generative AI are creating a new challenge.

What happens when your face becomes your password? What happens when someone claims they never used it?

While there is currently no evidence that artificial intelligence played a role in this incident, the dispute has sparked discussion around the growing capabilities of synthetic media and what they could mean for future fraud investigations.

“Ten years ago, the question was whether someone stole your password,” said one identity and access management specialist.

“Today, the question is whether anyone can prove it was really you.”

The customer has reportedly requested authentication records, device information, transaction logs, and additional details regarding the facial verification process used during the transfers. Cybersecurity professionals say those records would be central to understanding what occurred.

“If an institution concludes facial verification was successful, investigators should be asking how that determination was made,” said one fraud response specialist.

“What confidence score was generated? Was liveness verification performed? Were any risk indicators triggered? Those details matter.”

The specialist stressed there is currently no evidence suggesting Maple Crest’s biometric systems were bypassed or compromised. Still, the incident highlights a broader challenge facing organizations that increasingly rely on digital identity technologies.

Historically, security teams focused on preventing unauthorized access. Increasingly, they may need to focus on proving authorized access.

“The future problem isn’t necessarily that attackers break authentication systems,” said a banking security consultant.

“The future problem is that a customer says they didn’t perform an action while every system says they did.”

Experts say that possibility should be forcing organizations across the financial sector to rethink preparedness.

Many institutions regularly test phishing attacks and traditional account takeover scenarios. Far fewer conduct tabletop exercises involving biometric authentication disputes, synthetic identity fraud, or AI-enabled impersonation.

As organizations continue adopting facial recognition, behavioral analytics, and AI-driven identity technologies, experts warn that those scenarios are becoming increasingly relevant.

Because if a customer says, “That wasn’t me,” and every security control says it was, the challenge is no longer preventing fraud.

It’s proving identity.

And in the age of generative AI, that may become one of the most difficult security problems organizations face.

Watching the perimeter — and what slips past it. — Ayaan Chowdhury

Authorities and logistics security experts are investigating a suspected manipulation of cargo risk-scoring systems used to prioritize container inspections at several international port terminals, after investigators discovered patterns suggesting that high-value illicit shipments may have repeatedly bypassed screening thresholds.

According to individuals familiar with the investigation, the activity centres on a cargo targeting platform used by Northside Maritime Exchange, a global logistics coordination firm that processes shipping documentation and routing data for freight moving through major international ports. The platform aggregates information from shipping manifests, commodity classifications, declared cargo values, and historical shipment records to assist customs officials and port operators in determining which containers should receive additional inspection.

Modern container terminals process tens of thousands of shipments each day, making full physical inspection impossible. Risk-scoring systems — many of them incorporating machine learning components, help authorities identify containers most likely to require scrutiny while allowing lower-risk cargo to move efficiently through port facilities.

Investigators now believe organized smuggling networks may have discovered how to manipulate those scoring models.

Rather than attempting to breach port infrastructure or access restricted systems, the actors appear to have exploited weaknesses in the data used to evaluate shipments. By carefully altering combinations of commodity codes, shipment values, freight forwarder details, and routing information, the groups were able to repeatedly generate low-risk classifications within the targeting system. Containers associated with those shipments were consistently ranked below the threshold for additional inspection.

In several cases reviewed by analysts, cargo that would normally attract closer scrutiny including high-value electronics and restricted components was instead categorized under commodity codes typically associated with low-risk consumer goods. Investigators believe the misclassification allowed the shipments to pass through standard logistics channels without triggering deeper review. Security analysts say the technique did not involve hacking the system itself.

“The platform was operating normally,” said one logistics security specialist familiar with the case. “What appears to have happened is that the actors learned how the risk scoring weighed different pieces of shipping data, and then structured their documentation to produce the lowest possible risk rating.” Such targeting platforms are widely used across the global shipping industry. Customs authorities rely on them to prioritize inspections based on a combination of intelligence alerts, rule-based filters, and automated risk models that analyze shipment data submitted by carriers and freight brokers. While automation has dramatically improved efficiency, experts say it also creates opportunities for sophisticated actors to study and exploit the underlying logic.

“In global shipping, documentation drives everything,” said a supply chain risk analyst who has worked with international port operators. “If criminals understand which data points influence inspection decisions, things like commodity codes, shipper history, or routing paths, they can begin shaping shipments in ways that appear statistically low risk.”

The activity first drew attention after analysts reviewing historical cargo data noticed unusual patterns among shipments processed through several logistics corridors. Containers linked to the same freight intermediaries were repeatedly assigned low inspection priority despite originating from higher-risk trade routes. Investigators are now reviewing whether the activity represents a coordinated smuggling campaign or a broader vulnerability affecting automated cargo targeting systems.

Ports represent one of the most complex environments in global commerce. A single large container terminal may process more than 30,000 containers per day, with customs authorities inspecting only a fraction of that volume. Automated risk scoring systems therefore play a critical role in determining where limited inspection resources are focused. Security specialists warn that as these systems become more data-driven, they may also become more predictable.

“When algorithms are used to rank risk, patterns inevitably emerge,” the analyst said. “If someone studies those patterns long enough, they may eventually learn how to stay below the threshold.”

The case has prompted renewed discussion among supply chain security professionals about how automated targeting models should be monitored and updated to prevent manipulation. Some experts are calling for greater integration of anomaly detection tools capable of identifying unusual documentation patterns even when individual shipments appear legitimate.

For now, investigators emphasize that the incident does not appear to involve any breach of port infrastructure or customs systems. Instead, the concern lies in how shipment data itself may have been strategically structured to influence automated decision-making. The episode highlights a growing challenge as artificial intelligence and predictive analytics become more embedded in critical infrastructure. Increasingly, security experts say, the most effective attacks may not target systems directly but the data those systems rely on to make decisions.

And in global trade, where billions of dollars in goods move through automated logistics networks every day, even small shifts in how risk is calculated can determine which containers receive scrutiny… and which ones quietly pass through the world’s busiest ports.

Watching the perimeter — and what slips past it. — Ayaan Chowdhury