AI Girlfriend Platform Leaks 113,000 Explicit User Prompts
▼ Summary
– MyLovely.AI, an AI girlfriend platform, experienced a data breach affecting over 100,000 users.
– The breach exposed email addresses, user-created NSFW prompts, links to AI-generated images, and some social media profiles.
– Leaked data included user IDs, on-site content like images and metadata, and content moderation reports from the platform.
– The dataset contained structured files with user profiles, subscription details, storage URLs, and collection information.
– This exposure creates a significant risk of sextortion for users, as personal prompts can be linked to their identities.
A significant data breach at the AI girlfriend service MyLovely.AI has compromised the sensitive information of more than 100,000 users. The platform specializes in generating personalized, explicit content and facilitating real-time conversations with artificial companions, making the nature of the exposed data particularly alarming.
Security researchers at Have I Been Pwned confirmed the incident exposed a trove of personal information. The compromised data includes user email addresses, the specific prompts individuals submitted to generate content, and direct links to the resulting AI-generated images. A smaller subset of linked social media profiles, such as Discord and X usernames, was also part of the leak.
Analysis of postings on a prominent cybercrime forum reveals the full scope of the breach extends beyond basic account details. The leaked dataset contains internal user IDs and a comprehensive archive of on-site activity. This encompasses not only the original user prompts and the images they generated, but also associated metadata and internal content moderation reports.
The structure of the leaked data is detailed within several JSON files. Key files named “Profiles,” “GalleryItems,” “CommunityItems,” and “Collections” were identified. These files reportedly contain further sensitive details, including user subscription information, storage URLs for generated media, and extensive collection metadata.
Perhaps the most concerning discovery is the inclusion of two distinct datasets containing approximately 113,000 explicit NSFW prompts. Security experts note that nearly 70,000 of these highly personal prompts can be directly linked back to specific user IDs through the exposed data. This direct linkage transforms a data breach into a profound privacy crisis for those affected.
Given the platform’s purpose, this exposure creates severe risks for users. The combination of explicit prompts, linked account identifiers, and potential social media connections dramatically increases the threat of sextortion. Malicious actors could use this information to identify and blackmail individuals, leveraging the deeply private nature of the leaked interactions to apply pressure. The breach underscores the unique vulnerabilities inherent in platforms built around intimate AI-generated content.
(Source: Help Net Security)
