Massive Data Scrape Attack Forces Midjourney to Temporarily Disable Servers
Last Saturday, AI-image generator Midjourney’s servers were temporarily disabled for 24 hours owing to a massive attack. The assailants, suspected to be data collection engineers from rival firm Stability AI, conducted the attack via a single account. Following this incident, all Stability AI employees have been barred from using the Midjourney platform.
Details of the Attack & Investigation
Midjourney engineers detected anomalous activities from an account repeatedly requesting and downloading user queries and images. The continuous flow of these request-image pairs led to an overload on the company’s servers, resulting in a partial database shutdown for 24 hours. Following a thorough investigation, Midjourney identified the culprit account linked to two credit cards owned by a leading data collection engineer at Stability AI’s Stable Diffusion team. As a consequence, Midjourney has decided to blacklist all employees of Stability AI from their platform.
Competition in AI Generation Industry
Midjourney and Stability AI are leading competitors in the generative AI sector. San Francisco-based Midjourney, founded by David Holz, pulls in revenue of around $200 million and operates with a lean team of fewer than 100 employees without any external capital. London-based Stability AI has managed to raise $197 million in funding from Lightspeed, Coatue, and Intel at a $1 billion valuation. As per AIM Research data, the company garnered revenue worth $44.2 million in 2023.
Stability AI’s CEO Emad Mostaque responded to the incident, doubting that the activities can be deemed a DDoS attack. He maintained that if any of his employees were involved, their actions were not premeditated and promised to run an internal investigation. To aid this, Holz shared additional information with Mostaque.
Understanding Data Scraping
Data scraping refers to the extraction of information from other software responses, typically in order to train AI models. While this has become a standard practice, it sometimes raises eyebrows due to its impact on the host servers, leading to slow response times and a diluted user experience. However, server shutdown incidents due to data scraping have been unprecedented until now.