Massive AI Chat App Leaked Millions of Users Private Conversations (404media.co)
(Thursday January 29, 2026 @05:40PM (msmash)
from the whose-data-is-it-anyway dept.)
- Reference: 0180688518
- News link: https://yro.slashdot.org/story/26/01/29/1745249/massive-ai-chat-app-leaked-millions-of-users-private-conversations
- Source link: https://www.404media.co/massive-ai-chat-app-leaked-millions-of-users-private-conversations/
An anonymous reader shares a report:
> Chat & Ask AI, one of the most popular AI apps on the Google Play and Apple App stores that claims more than 50 million users, left hundreds of millions of those [1]users' private messages with the app's chatbot exposed , according to an independent security researcher and emails viewed by 404 Media. The exposed chats showed users asked the app "How do I painlessly kill myself," to write suicide notes, "how to make meth," and how to hack various apps.
>
> The exposed data was discovered by an independent security researcher who goes by Harry. The issue is a misconfiguration in the app's usage of the mobile app development platform Google Firebase, which by default makes it easy for anyone to make themselves an "authenticated" user who can access the app's backend storage where in many instances user data is stored.
>
> Harry said that he had access to 300 million messages from more than 25 million users in the exposed database, and that he extracted and analyzed a sample of 60,000 users and a million messages. The database contained user files with a complete history of their chats with the AI, timestamps of those chats, the name they gave the app's chatbot, how they configured the model, and which specific model they used. Chat & Ask AI is a "wrapper" that plugs into various large language models from bigger companies users can choose from, Including OpenAI's ChatGPT, Anthropic's Claude, and Google's Gemini.
[1] https://www.404media.co/massive-ai-chat-app-leaked-millions-of-users-private-conversations/
> Chat & Ask AI, one of the most popular AI apps on the Google Play and Apple App stores that claims more than 50 million users, left hundreds of millions of those [1]users' private messages with the app's chatbot exposed , according to an independent security researcher and emails viewed by 404 Media. The exposed chats showed users asked the app "How do I painlessly kill myself," to write suicide notes, "how to make meth," and how to hack various apps.
>
> The exposed data was discovered by an independent security researcher who goes by Harry. The issue is a misconfiguration in the app's usage of the mobile app development platform Google Firebase, which by default makes it easy for anyone to make themselves an "authenticated" user who can access the app's backend storage where in many instances user data is stored.
>
> Harry said that he had access to 300 million messages from more than 25 million users in the exposed database, and that he extracted and analyzed a sample of 60,000 users and a million messages. The database contained user files with a complete history of their chats with the AI, timestamps of those chats, the name they gave the app's chatbot, how they configured the model, and which specific model they used. Chat & Ask AI is a "wrapper" that plugs into various large language models from bigger companies users can choose from, Including OpenAI's ChatGPT, Anthropic's Claude, and Google's Gemini.
[1] https://www.404media.co/massive-ai-chat-app-leaked-millions-of-users-private-conversations/
Good. (Score:2)
I hope it reminds everyone that every interaction they have with non-local AI is logged and available to the next hacker in line. If you're typing anything into an online service of any kind (or into a document stored in the cloud) assume that it could be leaked and behave appropriately. Do you want the thing you are asking about to become public?
Re: Good. (Score:2)
What if no one could legally stop you from killing yourself?
Am I still banned from posting here? Is it because suicide must be treated as taboo and all mention of it suppressed because otherwise everyone would do it?
Re: (Score:2)
If suicide wasn't taboo, you think everybody would just be itching to kill themselves? I'm sure glad I don't have your worldview, must be pretty grim.
Re: (Score:2)
hook it up to Clawdbot lol