A security researcher uncovered a major data exposure affecting Chat and Ask AI, one of the most widely downloaded artificial intelligence chat apps on the Google Play and Apple App stores, with more than 50 million users. The researcher reported gaining access to roughly 300 million messages from over 25 million users through an improperly secured database.
The exposed messages reportedly included sensitive material, ranging from discussions of illegal activity to requests for suicide assistance, raising concerns about the privacy of conversations users assumed were confidential. The underlying flaw was traced to a misconfigured Firebase database, a well documented type of cloud security error in which access controls are left open rather than restricted.
The researcher disclosed the vulnerability to Codeway, the developer behind the app, on January 20. According to the account, the company moved quickly and fixed the issue across all of its applications within hours of being notified. There was no indication in the disclosure that malicious actors accessed the data before it was secured.
The incident fits a broader pattern documented across the AI application market. Between January 2025 and early 2026, security researchers cataloged at least 20 separate incidents that exposed the personal data of tens of millions of users, with most tracing back to the same preventable causes, including misconfigured databases, missing access controls, and hardcoded credentials left in production systems.
Source: Malwarebytes - https://www.malwarebytes.com/blog/news/2026/02/ai-chat-app-leak-exposes-300-million-messages-tied-to-25-million-users
