- ‘Flirtai’ has leaked user data in an unprotected storage bucket
- The app’s user base looks out for primarily having been teenagers
- The leaked chats could have a devastating influence on the victims
It’s hard to imagine that a more mortified embarrassing scenario than your own private flirty chats are exposed to online, except maybe being caught by sending these messages for analyzing an AI app.
Researchers on Cygenerws Has discovered a violation of “Flirtai – Get Rizz & Dates” (yes, that’s really what it’s called) that has leaked over 160,000 chat screen from users through an unprotected cloud storage bucket.
Users of this app -Feed screen photos of their private conversations for the application to get tailor -made answers designed to help the user flirt or escalate the conversation.
More than just embarrassing
Nevertheless, this app seems to be surprising, but nonetheless this app seems to have been used primarily by teens.
Due to the configuration of the app, those who are primarily in danger are not those who have sent the chats but the person they are talking to – presumably other teens who are completely unaware that their conversation is leaked and probably unaware that this app even exists.
While we have seen more dangerous personal data leaked by other AI -Chatbots such as SSNs and financial information, the nature of this chatbot and its user base represents another kind of injury.
As an adult, I’m not sure how well I would handle my private chats exposed online, so for an already vulnerable teenager this could be devastating.
“The fact that teens used this app can increase the severity of a potential data violation such as data from minors is considered more sensitive and could be subject to several restrictions on potential data use and collection and processing practices,” Cyberernews researchers confirmed.
The app says users “are only allowed to upload a screenshot when you have received the necessary approvals from all users/people and their information mentioned in the screen”.
But since this would lapse the point of the chatbot, it seems pretty unlikely to be followed.
Those exposed in this violation could be at an increased risk of social technical attacks such as phishing or, given that the app is calling on users to share their target’s dating profile, there may be a risk of imitation attack.
