Millions are turning to AI for intimacy, but the same digital lovers may be quietly leaking their deepest secrets to hackers. Researchers have uncovered that most AI girlfriend apps have critical security issues.
A survey into Gen Z and Millennial men found that 43% feel financially strained by dating. On the other hand, nearly 1 in 5 men have admitted to having flirted with an AI, and 47% of men believe virtual AI dates can meet emotional needs.
With AI penetrating almost every area of daily life, the trend is clear – we will definitely see more AI entering personal space.
Unfortunately, hackers and privacy risks are advancing just as quickly, and millions of users confiding in so-called “AI girlfriend” and companion apps may be exposing their most private thoughts to something far less romantic.
Research conducted by the security firm Oversecured found 14 critical and 311 high-severity vulnerabilities across 17 popular AI companion apps on Google Play, collectively downloaded more than 150 million times.
In at least six popular AI girlfriend apps, attackers could gain access to user conversations, which are often deeply personal, full of explicit content, and, most troublingly, tied to real identities.
Hackers can access private conversations
While trusting an AI model to be their romantic companion, users are openly disclosing their sexual fantasies, describing affairs, questioning their identity, and, in some cases, revealing suicidal thoughts.
All these private conversations are often stored and linked to accounts. In 10 of the 17 apps analyzed by researchers, discovered vulnerabilities created a pathway to users’ conversations with AI bots. This leaves app users sharing their most vulnerable truths with systems that may be less secure than a basic messaging app.
According to researchers, the app, which has more than 10 million downloads, shipped with hardcoded credentials, including an OpenAI API token and a Google Cloud private key, embedded directly in its code. Extracting them requires little more than basic reverse engineering.
Another app allowed cross-site scripting (XSS) in its chat interface, allowing an attacker to inject malicious code into what appears to be a private conversation. This might result in real-time message interception, session hijacking, or even fake replies generated inside the chat.
A third vulnerability allowed arbitrary file theft, exposing local chat databases, cached photos, voice messages, and authentication tokens. The affected app is known for hosting explicit content.
Curious what others think about this story? Contribute your thoughts to the debate below.
Perhaps most striking, an app with 50 million downloads was found vulnerable through its advertising software. A malicious ad could trigger internal components and directly query databases storing user conversations, a supply-chain attack delivered through something as mundane as an in-app banner.
According to researchers, many of the newly discovered vulnerabilities remain unpatched.
Regulatory gray zone?
Despite the sensitivity of the data being shared, regulation is lagging behind. AI girlfriend and companion apps are not classified as healthcare products. HIPAA, for example, protects patient records at hospitals and clinics.
“These apps handle a different but equally sensitive category of data as therapy platforms. But they grew so fast that basic security was never part of the process,” said the founder of Oversecured, Sergey Toshin.
Many of these apps are “wrappers.” This means that they connect to a third-party AI model (OpenAI, Google, or open-source) and add an interface, a personality, and a payment system.
The AI provider handles the model. The wrapper developer handles authentication, data storage, and Android security. Every vulnerability discovered by researchers was in the wrapper layer, which well-known AI brands are not protecting.
However, regulators are aware of the problem. In 2025, Italian regulators fined Replika's developer €5 million for GDPR violations, including processing user data without a legal basis, inadequate privacy disclosures, and failing to put in place effective age checks to keep minors out.
The EU AI Act requires all chatbots to disclose that they are AI and bans manipulative techniques targeting vulnerable users. Still, it contains nothing about how companion apps must secure the conversations they collect, leaving most of that to older laws like the GDPR.
AI romance that causes problems
Currently uncovered vulnerabilities can be just the tip of an iceberg. There have already been high-profile data leaks linked to AI girlfriend apps. Reportedly, Muah.ai, an AI girlfriend website, exposed users’ explicit fantasies and custom bots after it was breached.
Researchers previously uncovered that Chattee Chat and GiMe Chat apps leaked more than 43 million messages and over 600,000 images and videos from over 400,000 users, including purchase histories that showed some people spending thousands of dollars on their virtual partners.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked