Twin AI data leaks expose over a billion personal KYC records and private media files: Report

Two major data leaks linked to AI apps have exposed sensitive information of millions globally, according to Cybernews. Reportedly, the first data leak compromised 1 billion records, while the second leak may have exposed around 8.27 million media files.

Aman Gupta
Updated3 Mar 2026, 10:47 PM IST
Two separate data leaks have compromised data of millions of users globally
Two separate data leaks have compromised data of millions of users globally(AI generated image)

Cybersecurity researchers have uncovered two massive data leaks linked to two AI-related apps that have exposed the sensitive personal data and media files of millions of users globally, according to multiple media reports. The leak was revealed in two separate reports by Cybernews (first reported by Forbes), in which the security researchers warned that over a billion records could be compromised.

Global data leak

The first leak is said to have exposed 1 billion sensitive personal records spanning individuals from 26 countries. The United States was the most affected, with over 203 million exposed records, followed by Mexico (124 million) and the Philippines (72 million).

View full Image
Countries affected by data leak
(Cybernews)

Reportedly, the exposed data included “core personal identifiers used for your financial and digital life,” including full names, addresses, postcodes, dates of birth, national IDs, phone numbers, genders, email addresses and telco metadata.

Researchers say that the downstream risks of this data leak could include account takeovers, targeted phishing, credit fraud, SIM swaps, and long-tail privacy harms.

Video AI Art Generator & Maker leak

Accordint to the Cybernews report, the second leak is linked to an Android app named “Video AI Art Generator & Maker,” which has been downloaded over 500,000 times on Google Play and rated 4.3 stars with over 11,000 reviews.

The app was found leaking user data due to a misconfigured Google Cloud Storage bucket that allowed anyone access to stored files without authentication, as per the report. Researchers say the app leaked over 1.5 million user images and 385,000 videos, along with millions of media files generated by users using AI.

Livemint could not independently verify the authenticity of these reports.

The exposed bucket contained approximately 8.27 million media files and over 12TB of users’ media. Researchers say that it has stored and leaked every file uploaded since its launch on 13 June 2023, while the oldest file in the bucket dates back to three days before the launch.

The app was developed by Turkey-registered Codeway Dijital Hizmetler Anonim Sirketi, a company that previously saw another of its apps, Chat & Ask AI, leak roughly 300 million messages tied to more than 25 million users.

Note: The story was first published on 23 February and subsequently updated to reflect the latest developments.

About the Author

Aman Gupta

Aman Gupta is a Digital Content Producer at LiveMint with over 3.5 years of experience covering the technology landscape. He specializes in artificial...Read More

Catch all the Technology News and Updates on Live Mint. Download The Mint News App to get Daily Market Updates & Live Business News.

Business NewsTechnologyNewsTwin AI data leaks expose over a billion personal KYC records and private media files: Report
More