AI ‘wingman’ app leaks 160,000 screenshots of private chats - here's what we know

News
By published

AI dating advice chatbot has been compromised

Shocked iPhone
(Image credit: Getty Images)
  • 'FlirtAI' has leaked user data in an unprotected storage bucket
  • The app's user base seems to have primarily been teenagers
  • The leaked chats could have a devastating affect on victims

It’s hard to imagine a more mortifyingly embarrassing scenario than your own private flirty chats being exposed online, except, perhaps, being caught sending these messages off for analysis by an AI app.

Researchers at Cybernews have discovered a breach at "FlirtAI - Get Rizz & Dates" (yes, that is really what it’s called) which has leaked over 160,000 chat screenshots from users through an unprotected cloud storage bucket.

Users of this app feed screenshots of their private conversations into the application to get tailored responses designed to help the user flirt or escalate the conversation.

Save up to 68% on identity theft protection for TechRadar readers!

Save up to 68% on identity theft protection for TechRadar readers!

TechRadar editors praise Aura's upfront pricing and simplicity. Aura also includes a password manager, VPN, and antivirus to make its security solution an even more compelling deal.

Preferred partner (What does this mean?)

View Deal

More than just embarrassing

Unsurprisingly, but worryingly nonetheless, this app seems to have been primarily used by teenagers.

Because of the configuration of the app, those primarily at risk are not those who have sent the chats in, but the person they’re talking to - presumably other teenagers who are completely unaware that their conversation has been leaked, and probably unaware that this app even exists.

Whilst we’ve seen more dangerous personal data leaked by other AI chatbots like SSNs and financial information, the nature of this chatbot and its user base represents a different kind of harm.

As an adult, I’m not sure how well I’d cope with my private chats being exposed online, so for an already vulnerable teenager this could be devastating.

“The fact that teenagers used this app may increase the severity of a potential data breach as data from minors is considered more sensitive, and could be subject to more restrictions regarding potential data uses and collection and processing practices," Cybernews researchers confirmed.

The app does state that users are “only allowed to upload a screenshot when you have obtained the necessary approvals from all users/humans and their information mentioned in the screenshot”.

But, since this would negate the point of the chatbot, it seems pretty unlikely that this is followed.

Those exposed in this breach could be at a heightened risk of social engineering attacks like phishing or, given that the app encourages users to share their target's dating profile, there could be a risk of impersonation attacks.

You might also like

TOPICS
Ellen Jennings-Trace
Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.