MyLovely.AI, an AI girlfriend platform, suffered a data breach that exposed over 100,000 users.
MyLovely.AI allows people to create personalized not safe for work (NSFW) content and engage in real-time conversations with AI-generated companions, often involving highly personal prompts and interactions.
According to Have I Been Pwned, the breach exposed email addresses, user-created prompts, links to the resulting AI-generated images, and a limited number of social media profiles, including Discord and X usernames.
Based on posts on a popular cybercrime forum, the leak seems to include user IDs and generated on-site content such as prompts, images, and metadata, as well as content moderation reports.
The dataset also contains several JSON files, including Profiles, Gallery_Items, Community_Items, and Collections, along with details such as subscription information, storage URLs, and collection metadata.
In addition, two datasets containing about 113,000 explicit NSFW prompts were identified. Nearly 70,000 of them can be linked back to specific user IDs, which makes this part of the leak especially sensitive.
Because of the type of platform, this kind of exposure could put affected users at risk of sextortion, especially if someone manages to connect the leaked information to actual persons.
