Sunday, 13 July 2025
27.5 C
Singapore
28.5 C
Thailand
19.9 C
Indonesia
28.1 C
Philippines

AI chatbot builder leaks private data online

AI startup WotNot exposed 346,381 sensitive files online, risking identity theft and fraud. Learn about the breach and its impact.

A major data breach involving an AI startup has exposed sensitive personal information online, putting thousands at risk of identity theft and fraud. Experts from CyberNews uncovered an unsecured Google Cloud storage bucket belonging to WotNot, an AI chatbot provider, which contained a staggering 346,381 files.

The exposed documents included passports, CVs, medical records, and other sensitive details such as full names, contact information, and addresses. The storage bucket was openly accessible without the need for authorisation and remained exposed for over two months after initial warnings were sent.

What happened at WotNot?

WotNot is a startup specialising in AI-powered chatbots, offering businesses around-the-clock virtual customer support. With over 3,000 clients in industries such as insurance, finance, healthcare, and banking, the company provides services to high-profile customers, including the University of California, Chenening, and Amneal Pharmaceuticals.

Despite its advanced offerings, WotNot’s oversight highlights a significant risk in relying on third-party vendors for essential systems. Businesses often use external services to save resources and enhance efficiency, but such partnerships can introduce vulnerabilities. This breach underscores the need for stricter cybersecurity measures, especially when handling sensitive customer data.

AI services, which often require users to input personal information into automated systems, are particularly susceptible to data leaks. In WotNot’s case, the breach leaves its clients and users vulnerable to identity theft, phishing scams, and other forms of fraud.

The dangers of data leaks

Cybersecurity experts warn that this breach represents a substantial risk to affected individuals and businesses. CyberNews states, “The exposed personal documents provide threat actors a complete toolkit for identity theft, medical or job-related fraud, and various other scams.”

Individually, leaked data can be exploited for targeted phishing attacks or used to commit financial fraud, such as taking out loans under stolen identities. For organisations, these leaks can damage reputation, incur legal penalties, and lose customer trust.

Recent incidents, like this breach and the Blue Yonder ransomware attack, serve as reminders of the importance of robust cybersecurity. Businesses must regularly vet and monitor third-party vendors, particularly when managing interconnected systems like AI services. As reliance on digital platforms grows, so does the need for rigorous data protection practices.

Moving forward

This incident highlights the pressing need for stricter data protection standards within the tech industry. For WotNot, the focus must shift to addressing the vulnerabilities that allowed such a breach to occur. For other businesses, the takeaway is clear: cybersecurity should be a priority, not an afterthought.

This breach is a stark reminder that even modestly sized companies can pose significant security threats if proper safeguards are not in place. Whether it’s an AI chatbot or another digital tool, businesses must ensure the safety of their customers’ data to maintain trust and credibility.

Hot this week

Google focuses AI investment on technical infrastructure to stay ahead

Google prioritises AI infrastructure with US$75B investment, aiming to stay competitive and avoid falling behind in the fast-moving AI race.

TikTok may dodge US ban with new app and ownership deal

TikTok could avoid a US ban with the launch of a new app on September 5 and a possible sale to non-Chinese investors, including Oracle.

Sony halts Xperia 1 VII sales in several Asian markets due to technical issues

Sony halts Xperia 1 VII sales in several Asian countries after users report shutdown issues, although it remains available in Singapore for now.

Nothing launches Headphone (1) in Singapore with bold design and immersive sound

Nothing launches its first over-ear Headphone (1) in Singapore, blending design, sound, and AI features for an immersive audio experience.

Epson launches WorkForce Pro EM-C8100/C8101 multifunction printers in Singapore

Epson launches the WorkForce Pro EM-C8100/C8101 in Singapore, offering high-speed printing and eco-friendly features for modern offices.

OpenAI preparing to launch AI-powered web browser to rival Chrome

OpenAI plans to launch a new AI-powered web browser, aiming to transform the browsing experience using ChatGPT technology.

Singapore to get Huawei’s 480kW ultra-fast EV charger by the end of 2025

Huawei brings 480kW ultra-fast EV charger to Singapore by late 2025, slashing charge times and boosting support for commercial vehicles.

Samsung, Google, and Qualcomm share their vision for where mobile AI is heading

Samsung, Google, and Qualcomm share how mobile AI will become more helpful, personal, and invisible in your everyday life.

Razer unveils DeathAdder V4 Pro with pro-level features and ultra-lightweight design

Razer’s DeathAdder V4 Pro lands with 8000Hz wireless polling, a lighter design, and esports-level precision for serious gamers.

Related Articles

Popular Categories