A widely used AI assistant app left a large volume of private user data exposed because of a misconfigured database, security researchers reported. Chat & Ask AI, an application with more than 50 million downloads across the Google Play and Apple app stores, exposed roughly 300 million messages tied to about 25 million users in late January 2026.
According to the researcher who found the issue, the exposure stemmed from a Firebase database with security rules set to public, which allowed anyone holding the project address to read, modify, or delete records without authentication. The exposed conversations included sensitive material, with users having asked the app questions that ranged from personal crises to requests for harmful instructions, illustrating the kind of private information people share with AI tools.
The incident adds to a series of 2026 reports involving AI services that left user conversations accessible. Misconfiguration, rather than a sophisticated attack, was the root cause, a pattern common across cloud data exposures. Security specialists note that AI chat applications collect detailed personal data and that default or loosely set permissions can expose that data at scale. The app developer faced scrutiny over how the database was secured and how long the records remained reachable before the issue was addressed.
Source: Malwarebytes - https://www.malwarebytes.com/blog/news/2026/02/ai-chat-app-leak-exposes-300-million-messages-tied-to-25-million-users