Picture this: you are having a normal conversation with an AI chatbot, and someone else is on the other line. That is not a plot from a spy movie. That is what is happening right now, according to a growing number of reports from researchers and security firms. AI chatbots are accidentally giving out people’s real phone numbers to strangers, and the issue is getting worse, not better.
This is not some theoretical risk. Multiple investigations published in recent weeks have found that popular AI applications are exposing sensitive user data including phone numbers, chat logs, and even call recordings. The data is not being stolen by hackers. It is sitting there in misconfigured databases, waiting for anyone who knows where to look. If you have ever typed your phone number into an AI chatbot, you need to keep reading.
What Is Actually Happening
AI chatbots need to store conversations somewhere. That storage is supposed to be private, locked down behind security settings that only the owner can access. But researchers have found again and again that these security settings are wrong, or turned off entirely, or set by people who did not know what they were doing.
The result is that AI chat logs containing real phone numbers, email addresses, and conversation history are ending up visible to the public internet. Some of these leaks affect millions of users. A recent leak tied to Sears Home Services exposed call recordings and text chats from what appeared to be customer service conversations. Another incident exposed 300 million messages from 25 million users of a chat and ask AI application.
Here is the part that makes this especially concerning: you do not even need to be a hacker to find this data. Security researchers say the information is often sitting in databases that are indexed by search engines. Anyone with a browser and the right search terms can find it.
Which AI Apps Are Affected
- Sears Home Services – Call recordings and text chats exposed via misconfigured AI chatbot
- Firebase-based AI apps – Researchers found millions of messages exposed due to wrong settings
- Chat and Ask AI apps – A massive database leak affecting 25 million users
- Lovable (AI coding tool) – User conversations and AI prompts left publicly accessible
Why This Keeps Happening
- Developers rush to launch AI features without proper security review
- Default settings in cloud databases are often too open by design
- AI companies cut corners on data protection to stay competitive
- No strong industry standards requiring specific security configurations for AI apps
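For the Firebase case listed above, one way a developer can catch "wrong settings" before launch is to lint the database rules file for unconditional access. This is an added example, not code from the original article or from any affected app; it assumes Firebase Realtime Database rules in their JSON form, and the sample rules and path names are constructed.

```python
import json

# Constructed sample rules for a hypothetical chatbot backend (not from any real app).
SAMPLE_RULES = """
{
  "rules": {
    "chats": {
      ".read": true,
      "$uid": { ".write": "auth != null && auth.uid === $uid" }
    },
    "profiles": {
      "$uid": {
        ".read": "auth != null && auth.uid === $uid",
        ".write": "auth != null && auth.uid === $uid",
        "phone": { ".read": "true" }
      }
    }
  }
}
"""

def _is_open(value):
    """True if a rule grants access unconditionally (boolean true or the string 'true')."""
    if value is True:
        return True
    return isinstance(value, str) and value.strip() == "true"

def find_public_paths(rules_json):
    """Return sorted (path, operation) pairs that are open to unauthenticated clients.

    Realtime Database rules cascade: access granted at a parent path applies to
    every child, so one open rule high in the tree exposes everything below it.
    """
    findings = []

    def walk(node, path):
        for op in (".read", ".write"):
            if _is_open(node.get(op)):
                findings.append((path or "/", op))
        for key, child in node.items():
            # Keys starting with "." are rule settings, not child paths.
            if not key.startswith(".") and isinstance(child, dict):
                walk(child, f"{path}/{key}")

    walk(json.loads(rules_json)["rules"], "")
    return sorted(findings)

if __name__ == "__main__":
    for path, op in find_public_paths(SAMPLE_RULES):
        print(f"PUBLIC {op:6} {path}")
```

A check like this only flags rules that are open to everyone; a rule such as `auth != null` still lets any signed-in user read the data and needs a manual review.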
Why This Matters More Than a Normal Data Leak
Most people know that sharing your phone number online carries some risk. You might get spam calls. You might get telemarketing texts. Annoying, but manageable. But when your phone number gets mixed up with your AI chat logs, the risk goes up significantly.
Those logs might contain personal information you shared with the chatbot. Financial details. Health questions. Private conversations with friends or family that you pasted in to get help with something. All of that data, linked directly to your phone number, sitting in a database that anyone can find.
Security researchers call this “doxxing by design” because the AI is essentially handing out your contact details along with whatever else you said. Even if you never shared your phone number directly, if it is attached to your account or can be linked through other exposed data, it is fair game for anyone looking.
The Microsoft Copilot incident is a perfect example. An internal Microsoft error sent confidential emails to an AI tool, where they could potentially be retrieved by other users. This was not a hack. It was a mistake inside one of the largest technology companies in the world, and it shows how easy it is for sensitive data to end up in the wrong place when AI is involved.
What Could Happen If Your Data Is Exposed
- Identity theft through linked personal information
- Targeted phishing attacks using your conversation history as bait
- Social engineering where scammers already know your habits and preferences
- Harassment if someone connects your phone number to sensitive conversations
- Account takeover if your phone number is tied to authentication systems
The Hacker Who Used Claude to Steal Government Data
Here is a story that should make everyone pause. According to reporting from the Los Angeles Times, a hacker used Anthropic’s Claude AI to assist in stealing data from the Mexican government. The hacker did not break into a system using sophisticated malware. They used a language model to help plan and execute the attack.
This is the part that the AI industry does not like to talk about. These tools are not just helping users write emails and debug code. They are helping malicious actors figure out who to target, what to say, and how to exploit systems. The same capabilities that make Claude helpful for legitimate work make it useful for people with bad intentions.
Anthropic, the company behind Claude, has said it has policies against this kind of use. But policies do not stop determined actors, and the technology is widely available. This incident highlights a broader problem that security experts have been warning about: AI tools are making cyberattacks easier to execute, not harder.
AI Tools Being Used in Attacks
- Language models to craft convincing phishing emails
- AI-assisted reconnaissance to identify vulnerable targets
- Automated vulnerability scanning powered by AI
- Social engineering attacks generated from leaked conversation data
What You Can Actually Do About It
Look, I am not going to sit here and tell you to panic. That is not helpful, and the odds of any single person being directly targeted are still relatively low. But there are concrete steps you can take to reduce your exposure and protect yourself in this new world where AI is collecting everything you say.
Before You Use Any AI Chatbot
- Ask yourself if you really need to share your phone number or email with this service
- Check the privacy policy and see what data they collect and how long they keep it
- Use a temporary phone number or burner email when testing new AI tools
- Never share sensitive information like your social security number, financial accounts, or medical details
If You Have Already Used AI Chatbots
- Do not reuse phone numbers and emails across important accounts
- Consider using a password manager to track which services you have signed up for
- Watch your phone bill for any unusual charges or calls you did not make
- Be suspicious of any unsolicited calls that reference your recent conversations or searches
- Run a search for your phone number occasionally to see if it appears in any exposed databases
The Bigger Picture
Here is what is really going on. AI companies are moving incredibly fast, and security is not keeping pace. Every month brings new AI features, new integrations, and new ways for your data to end up somewhere it should not be. The companies building these tools are under enormous pressure to ship faster than their competitors, and security reviews are often the first thing to get skipped when deadlines loom.
Regulators are starting to notice. The European Union’s AI Act is setting new requirements for transparency and data protection. In the United States, Illinois has introduced specific bills to regulate AI systems. But laws move slowly, and technology moves fast. By the time meaningful regulations are in place, the industry will have already shipped three more generations of products with the same rush-and-see approach to security.
This does not mean AI is bad or that you should stop using these tools altogether. The technology has real benefits, and used thoughtfully, it can be genuinely helpful. But using it thoughtfully means understanding the risks, not ignoring them. It means treating your conversations with AI the same way you treat your conversations with strangers on the internet, because that is essentially what they are.
The phone number leak story is not an anomaly. It is a symptom of a larger pattern. AI is being woven into more and more parts of our daily lives, and the infrastructure keeping that data safe is full of cracks. Until the industry decides that security is more important than speed, these leaks will keep happening. And the only person really watching out for your data is you.
Stay careful out there. Check your settings, watch what you share, and do not assume that just because a company is big and well-known, your data is automatically safe. Because as things stand right now, it probably is not.
How I reviewed this
AI Tool Gate evaluates AI tools and AI industry updates from a developer/operator perspective. I look at practical use cases, product positioning, pricing signals, reliability concerns, and whether the tool is actually useful for real workflows.
- Use-case fit: who this is for and who should skip it.
- Practical value: what changes for developers, creators, teams, or businesses.
- Trust check: claims are compared against public product pages, announcements, docs, and observable market context when available.
Written by
Gallih Armadaw
Senior backend developer with 8+ years of experience building production systems across PHP/Laravel, Node.js, cloud infrastructure, Web3, and AI-assisted workflows. I review AI tools from a practical developer/operator perspective.