2024-10
Data Leakage
Muah.AI

AI companion site Muah.AI hacked, exposing user emails tied to submitted prompts

What happened

The uncensored AI companion service Muah.AI was breached by a hacker who described the site as loosely assembled open-source components. The stolen data linked personal email addresses to prompts users had submitted, some describing illegal content.

Impact

Around 1.9 million email addresses were exposed alongside associated chatbot prompts, some describing illegal exploitation scenarios.

How this could have been prevented

Sensitive-content AI services need real security engineering rather than duct-taped open-source stacks, plus segregation of identity data from prompt data.

Sources

More data leakage incidents

Would runtime governance have caught this?

Guardion enforces policy on every agent action inline — with visibility, tamper-evident evidence, and DLP for agents and MCPs.

Request a demo