A security researcher uncovered a data exposure affecting Chat and Ask AI, one of the most widely downloaded AI chat apps on Google Play and the Apple App Store, with more than 50 million users. The researcher reported accessing roughly 300 million messages tied to over 25 million users through a database that had been left exposed.
The incident centers on how the application stored user conversations. According to the disclosure, the database was reachable without adequate access controls, allowing anyone who located it to read the message contents. Chat logs from AI assistants often contain personal details, since users paste in emails, documents, health questions, and workplace information while seeking help from the tool.
The exposure illustrates a recurring pattern in the rapid rollout of consumer AI products. Applications that scale to tens of millions of users can outpace the security practices needed to protect the data those users generate. Misconfigured or unsecured databases have been a common thread across several AI-related incidents reported through 2026.
Security specialists note that the volume of exposed messages makes the leak significant regardless of whether the data was accessed by malicious parties. Once conversation histories are exposed, the sensitive information inside them cannot be recalled. The disclosure adds to scrutiny of how AI chat providers handle storage, retention, and access to the large troves of personal text their products collect.
Source: Malwarebytes - https://www.malwarebytes.com/blog/news/2026/02/ai-chat-app-leak-exposes-300-million-messages-tied-to-25-million-users
