iOS apps leaking user data: Firehound catalog highlights AI-driven privacy risks

January 28, 2026

Security researchers have identified numerous iOS apps that expose user data, and a new project is attempting to document the exposure more comprehensively. VX Underground, a malware research collective, notes that CovertLabs is assembling a public dossier on iOS apps that leak information onto the open web. At the time of the initial disclosure, 198 offending apps had been flagged, with many of the worst offenders tied to artificial intelligence features.

One standout example is Chat & Ask AI from Codeway, which CovertLabs says has left 18 million users’ chat histories exposed—totaling roughly 380 million messages—plus phone numbers and email addresses. This data appears to be accessible to anyone who knows where to look, which underscores how sensitive information can slip through even well-meaning AI interfaces. Another implicated app is YPT – Study Group, which researchers say exposed data from more than two million users, including chat messages, AI tokens, user IDs and keys.

CovertLabs has created a repository called Firehound to host a list of affected apps. The collection includes redacted sample data so researchers and security practitioners can gauge the scope of the exposure. Access to the full data is restricted, but developers who identify their apps in the archive are encouraged to contact the firm so their app can be removed and they can receive guidance on remediation.

The pattern of AI-related leaks isn’t surprising in today’s rush to capitalize on the AI boom. Many developers, in their haste to publish, may cut security corners, making apps more vulnerable to data leakage. Apple’s long-standing pitch has been that its App Store is a safer alternative to rival stores, in part because of stringent reviews. However, the current revelations suggest that even Apple’s vetting isn’t foolproof and that high-profile data exposure can slip past review processes.

If you happen to use any of the affected apps, the prudent move is to stop using them immediately. There’s little you can do to retract data that’s already been leaked, but you can minimize further risk by avoiding the apps and, if you used the same credentials elsewhere, updating those passwords. Consider adopting a trusted password manager and changing the passwords of any accounts tied to the compromised email addresses. Also, alert friends or colleagues who might be using the same apps.

CovertLabs’ Firehound project serves as a warning to developers and platform owners alike: security cannot be an afterthought, especially for AI-powered tools that handle sensitive personal information. The hope is that affected developers will secure their codebase and that others will learn from these incidents before more data is exposed.

If you want ongoing updates on this topic, keep an eye on TechRadar’s coverage for the latest on app security, privacy and how to protect yourself online. TechRadar frequently shares analysis, tips and breaking news in this space.

Note: The article you’re reading is a rewritten summary of a TechRadar report on the Firehound project and related iOS privacy concerns.
