Users of the popular iOS app FlirtAI – Get Rizz & Dates may have unknowingly had their private chat screenshots exposed online. The app, designed to help users craft clever replies in dating apps and conversations, leaked over 160,000 screenshots after leaving a Google Cloud Storage bucket unprotected.
The exposure raises serious concerns about privacy, data security, and the potential mental health impact on users—many of whom appear to be teenagers.
The Leak: How It Happened
Cybernews researchers discovered the unprotected cloud storage owned by Buddy Network GmbH, the developer behind FlirtAI. The exposed data consisted mainly of chat screenshots and dating profile images that users uploaded to receive AI-generated response suggestions.
The app’s concept involves users taking screenshots of ongoing conversations or dating profiles, which FlirtAI then analyzes to suggest five tailored responses. Unfortunately, those screenshots—containing personal and sometimes sensitive conversations—were left publicly accessible.
Following notification from Cybernews and relevant Computer Emergency Response Teams (CERT), Buddy Network GmbH quickly secured the storage bucket. However, the damage had already been done.
What Information Was Exposed?
The leaked screenshots included:
- Private chat conversations from dating and messaging apps
- Dating profile details and images
- Initials or usernames visible in the screenshots
Many of the individuals whose conversations appeared in the screenshots were likely unaware that their private messages had been shared with a third-party app—let alone leaked online.
Teenagers at Greater Risk
Alarmingly, researchers observed that teenagers frequently used the app, potentially amplifying the risks of the breach. Minors are more vulnerable to the negative effects of data exposure, including distress, harassment, or cyberbullying.
The app’s own description asks users to seek consent before uploading screenshots, but this request is largely unrealistic given the app’s casual, youth-focused user base. As a result, many individuals unknowingly had their private conversations shared without their permission.
Mental Health and Privacy Concerns
The breach has wider implications beyond privacy. FlirtAI’s users may include individuals grappling with self-esteem or social confidence issues. The leak of their private chat attempts could lead to embarrassment, anxiety, or worse—especially among younger users.
Experts warn that breaches involving minors can trigger stricter legal scrutiny. Under European privacy laws such as the General Data Protection Regulation (GDPR), handling minors’ data demands greater care and responsibility.
The Developer: Buddy Network GmbH
Buddy Network GmbH, the Berlin-based developer, has other AI-driven apps in the Apple App Store, including:
- Angel – Talk to me at any time: An AI companion app
- 90 Seconds – Your AI Journal: An AI-powered journaling app
The data leak from FlirtAI now places the company under the spotlight, particularly concerning its data handling practices and compliance with strict European privacy regulations.
A Broader Problem: iOS Apps and Data Leaks
FlirtAI is not an isolated case. Cybernews researchers have repeatedly uncovered privacy violations across various iOS apps. Past discoveries include:
- Dating apps exposing private images and messages
- Family tracking apps leaking sensitive information
- Thousands of iOS apps with hardcoded plaintext credentials
In one large-scale investigation, researchers analyzed over 156,000 iOS apps and found that 71% leaked at least one security secret. The average app exposed 5.2 secrets—a troubling indication of systemic security negligence in app development.
Conclusion
The FlirtAI incident highlights the dangers of sharing private content with AI-driven applications. Users, particularly younger ones, often overlook the security implications of uploading sensitive data for AI assistance.
App developers must prioritize security from the ground up, especially when dealing with personal data. Meanwhile, consumers should remain cautious about what they share and consider the risks before uploading sensitive content to third-party apps.
In an era where AI is increasingly woven into everyday digital experiences, balancing convenience with privacy protection is more crucial than ever.
0 responses to “FlirtAI App Chat Screenshot Leak Exposes Sensitive Data from 160K Users”