A security researcher uncovered a major data leak in early 2026 affecting Chat & Ask AI, one of the most widely downloaded AI chat applications on the Google Play and Apple App stores. The exposure left a large volume of private conversations between users and the app's chatbot openly accessible, according to reporting on the incident.
Coverage of the breach described hundreds of millions of messages tied to tens of millions of user accounts. The app had drawn a substantial user base across both major mobile platforms, which widened the scale of the exposure. The messages reportedly included the kind of personal information users routinely share with AI assistants, from everyday questions to more sensitive details entered in the course of a conversation.
The incident reflects a pattern researchers have tracked as AI tools spread. Reports through 2025 documented employees pasting confidential company information into AI chatbots, and security analysts noted that the rate of AI-related data incidents rose from roughly 3 per year in 2020 and 2021 to about 14 per year in 2025. The growth has accompanied the rapid adoption of consumer and enterprise AI applications.
Security professionals responding to the leak pointed to misconfigured storage and weak access controls as common causes of such exposures. The case added to a growing record of AI applications that collect detailed user data while lacking the safeguards needed to protect it, prompting renewed attention to how chat data is stored and secured.
Source: Malwarebytes - https://www.malwarebytes.com/blog/news/2026/02/ai-chat-app-leak-exposes-300-million-messages-tied-to-25-million-users