Meta has fixed a bug that allowed Meta AI chatbot users to access and view private prompts and AI-generated answers of other users.
Sandeep Hodkasia, cybersecurity expert and founder of security testing firm AppSecure, told TechCrunch that Meta paid him $10,000 as a bug bounty reward for disclosing the vulnerability on December 26th, 2024.
One month later, on January 24th, 2025, Meta had fixed the security bug he filed. A Meta spokesperson acknowledged that the company had found no evidence that hackers had exploited the vulnerability.
Hodkasia discovered the bug after investigating how Meta AI allows its logged-in users to modify their AI prompts to regenerate text and images.
He discovered that when a user edits their prompt, Meta’s backend servers assign a unique number to the prompt and the AI-generated response.
By analyzing his browser’s network traffic while he edited an AI prompt, Hodkasia found he could modify the unique number to make Meta’s servers return a prompt and an AI-generated response from another user. This number, the security expert said, was easy to guess.
The bug is proof that Meta’s servers weren’t properly checking that the user requesting the prompt and its response were authorized to view it.
The vulnerability serves as a wake-up call for other tech companies to continually review their AI chatbots for security vulnerabilities. With more and more people using AI chatbots, they should be assured that their chats stay private, confidential, and secure, especially when their chat history contains sensitive information.
This is the second privacy-related blunder for Meta in a short period of time. Last month, it came to light that the design of the Meta AI app can cause users to unintentionally make their private conversations public. Meta added a warning that alerts users when they post a prompt to their own feed.
Your email address will not be published. Required fields are markedmarked