Post-Mortem: AssemblyAI API Key Exposure
TLDR: Transcripts generated by 333 beta testers of Granola's beta TestFlight iOS app ("TestFlight app") were made vulnerable by the exposure of a third-party API key. We were informed by a researcher from Tenable and fixed the vulnerability. Our investigation showed that no other party exploited the vulnerability and that no data was retained by Tenable.
Summary
We experienced a security incident involving the exposure of an AssemblyAI API key in an early version of the TestFlight app. Because AssemblyAI was exclusively used by our iOS beta builds and our production macOS application uses a different transcription service, our macOS application and its contents remained unaffected.
If exploited, this vulnerability could have allowed a bad actor to access meeting transcripts generated by AssemblyAI through the app before the issue was resolved on Mar 11, 2025.
Tenable (a cybersecurity research company) discovered and responsibly disclosed the vulnerability (advisory TRA-2025-07). We missed Tenable's initial email. When we were informed of the specifics of the vulnerability, we patched it the same day by revoking the key and removing it from our APIs. Our investigation confirmed that, apart from a short window when Tenable was performing their controlled vulnerability testing, there were no instances of a user data breach.
We are openly sharing this post-mortem to transparently explain the incident, our response, and improvements we’re making to help prevent security issues like this occurring in the future.
Explanation of Why and How This Happened
Timeline
- Nov 14, 2024: Began accepting invite-only beta testers of the app.
- Nov 27, 2024: Beta version of Granola for iOS started using AssemblyAI for transcription and the key was exposed through our API endpoint used for feature flags and app configuration.
- Dec 16, 2024: Transcription moved to the backend; the key was no longer needed by the beta build, but it remained unintentionally accessible.
- Feb 18, 2025: Tenable first reached out requesting security contact details.
- Feb 26, 2025: Tenable reached out for the second time requesting security contact details.
- Mar 10, 2025: Granola established direct communication with Tenable requesting details.
- Mar 11, 2025: Granola received full vulnerability details from Tenable, immediately revoked the exposed API key and removed it from APIs.
- Mar 11, 2025: Confirmed remediation actions to Tenable.
- May 12, 2025: Issue was publicly highlighted by an independent researcher, prompting escalation to executive team and a deeper internal investigation.
- May 12, 2025: Contacted Tenable to verify details of their proof-of-concept testing.
- May 13, 2025: Tenable updated their report, clarifying that the affected scope is limited to the TestFlight app.
- May 16, 2025: Granola completed our internal investigation, confirming no unauthorized access to user data beyond Tenable’s controlled test.
- May 16, 2025: Granola directly notified all 333 beta testers of the TestFlight app and published this post-mortem.
Root Causes
- We made an architectural mistake by exposing the AssemblyAI API key through our API. Using the AssemblyAI API key on the client was only a temporary solution that was replaced 3 weeks later, but it should have been avoided in the first place.
- We made operational mistakes while responding to the incident. Our delayed response to Tenable’s initial outreach occurred because we lacked an effective security triaging process for external reports.
How We Addressed the Issue
- Mar 11, 2025: Immediately verified and reproduced the vulnerability reported by Tenable.
- Mar 11, 2025: Revoked and deleted the exposed API key, verifying its inaccessibility.
- Mar 11, 2025: Generated a new AssemblyAI API key and stored it in AWS Secrets Manager.
- May 12, 2025: Increased internal security awareness, emphasizing prompt escalation of security incidents across the team.
- May 12, 2025: Requested access logs from AssemblyAI’s load balancer, reviewing IP addresses, timestamps, endpoints, and transcript IDs.
- May 12, 2025: Confirmed that after Dec 16, 2024, data access was strictly limited to our infrastructure and internal VPN, aside from a brief 12 minute window in which 1 other IP address accessed 29 transcriptions from 16 external beta testers. This matches the time of Tenable's proof-of-concept exposure testing.
- May 15, 2025: Reviewed customer usage of the AssemblyAI API prior to Dec 16 and confirmed that each transcript was generally accessed only once, by the originating customer's IP address, except for 3 instances that matched expected customer retry behavior.
- May 16, 2025: Tenable confirmed the access date we found in our investigation aligns with their testing. They confirmed no transcript data was retained and that their research was performed in accordance with Tenable policies.
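The access-log review described above (IP addresses, timestamps, endpoints and transcript IDs, checked against known infrastructure ranges) can be scripted. The following is an added example, not Granola's or AssemblyAI's code; the log format, CIDR ranges, IDs and the tester column (assumed to have been joined in from the app's own records) are all constructed.

```python
# Added example: triage transcript-access log lines by source IP.
# Accesses from trusted infrastructure/VPN ranges are ignored; everything
# else is grouped by IP with the time window and affected IDs it spans.
import ipaddress
from datetime import datetime

# Constructed trusted ranges standing in for "our infrastructure and internal VPN".
TRUSTED_CIDRS = [ipaddress.ip_network(c) for c in ("10.20.0.0/16", "203.0.113.0/24")]

# Constructed sample log: timestamp, source IP, method, endpoint, tester id.
SAMPLE_LOG = """\
2025-03-11T14:02:10Z 10.20.3.7 GET /v2/transcript/tr-001 tester-a
2025-03-11T14:05:41Z 203.0.113.9 GET /v2/transcript/tr-002 tester-b
2025-03-11T15:10:03Z 198.51.100.23 GET /v2/transcript/tr-003 tester-c
2025-03-11T15:14:30Z 198.51.100.23 GET /v2/transcript/tr-004 tester-c
2025-03-11T15:21:55Z 198.51.100.23 GET /v2/transcript/tr-005 tester-d
2025-03-11T16:00:00Z 10.20.3.7 GET /v2/transcript/tr-006 tester-e
"""

def is_trusted(ip, cidrs=TRUSTED_CIDRS):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in cidrs)

def parse_line(line):
    ts, ip, _method, path, tester = line.split()
    return {"ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), "ip": ip,
            "transcript": path.rsplit("/", 1)[-1], "tester": tester}

def triage(log_text, cidrs=TRUSTED_CIDRS):
    """Return untrusted accesses keyed by source IP: window, transcripts, testers."""
    findings = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if is_trusted(rec["ip"], cidrs):
            continue
        f = findings.setdefault(rec["ip"], {"first": rec["ts"], "last": rec["ts"],
                                            "transcripts": set(), "testers": set()})
        f["first"], f["last"] = min(f["first"], rec["ts"]), max(f["last"], rec["ts"])
        f["transcripts"].add(rec["transcript"])
        f["testers"].add(rec["tester"])
    for f in findings.values():
        f["window_seconds"] = int((f["last"] - f["first"]).total_seconds())
    return findings

if __name__ == "__main__":
    for ip, f in triage(SAMPLE_LOG).items():
        print(f"{ip}: {len(f['transcripts'])} transcripts from "
              f"{len(f['testers'])} testers over {f['window_seconds'] // 60} min")
```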
Long-term Preventive Actions
We engaged Workstreet as our security partner to provide support for security email monitoring (security@granola.so), vulnerability triage, penetration testing and security audits, and to manage a bug bounty program (to be announced).
We are integrating CI secret scanning to stop exposed credentials from reaching production. We introduced an internal process to triage security incidents, encouraging rapid and open company-wide escalation. We established an incident response plan designed to ensure that incidents are promptly investigated and mitigated, and that notices to impacted customers are provided without undue delay, as appropriate.
Lastly, we kicked off the hiring process for a new Security Engineer role to improve our internal security capabilities.
Guidance for Customers
No action is required from our production users. If you were a beta user of the TestFlight app between Nov 14, 2024 and Mar 11, 2025, we have sent a notification to the email associated with your Granola account that includes details regarding this event. If you have specific questions or concerns, please reach out to hey@granola.so.
Acknowledgements
We sincerely thank Tenable (Ben Smith) for responsibly disclosing the vulnerability, security researcher rez0 (Joseph Thacker) for raising public awareness, AssemblyAI for working with us on the investigation, and our internal team for quickly responding and mitigating the issue. We greatly appreciate the continued vigilance and support of the security community.