Privacy
Affecté par des incidents
Incident 84216 Rapports
Reportedly Hacked AI-Powered Robot Vacuums Allegedly Used for Surveillance and Harassment
2024-05-24
Hackers reportedly exploited a vulnerability in Ecovacs’s Deebot X2 robot vacuums, gaining unauthorized access to camera and microphone controls. Users reported privacy invasions and offensive language broadcasted through the devices. Although Ecovacs claimed to have resolved the security flaw, researchers suggest vulnerabilities remain that could potentially leave users exposed to surveillance and harassment through their AI-enabled devices.
PlusIncident 107515 Rapports
New Orleans Police Reportedly Used Real-Time Facial Recognition Alerts Supplied by Project NOLA Despite Local Ordinance
2025-05-19
According to reporting by The Washington Post, New Orleans police received real-time facial recognition alerts from a privately operated surveillance network run by Project NOLA, reportedly leading to dozens of arrests. This purported use of AI surveillance appears to conflict with a 2022 city ordinance that restricts facial recognition to specific post-incident investigations. Police are alleged to have not consistently disclosed the technology's use.
PlusIncident 107014 Rapports
Serviceaide AI Platform Implicated in Health Data Exposure Affecting 483,000 Catholic Health Patients
2025-05-09
An AI-linked platform operated by Serviceaide exposed sensitive health data from Catholic Health, affecting 483,000 patients. The breach stemmed from a misconfigured Elasticsearch database used in Serviceaide’s agentic AI infrastructure. Exposed information included medical records, insurance details, and login credentials. While no misuse has been confirmed, the nature of the data has prompted regulatory scrutiny and legal investigations.
PlusIncident 9617 Rapports
Serbian Authorities Allegedly Used AI-Powered Cellebrite Tools to Unlock Journalist’s Phone and Install Spyware
2024-12-16
Serbian authorities allegedly used Cellebrite's AI-powered forensic tools to unlock journalists' and activists' phones without consent. They reportedly then installed NoviSpy, a newly discovered spyware. That then purportedly allowed covert data extraction, remote microphone and camera activation, and surveillance. Amnesty International uncovered forensic evidence linking Serbia's Security Information Agency (BIA) to these attacks. Cellebrite halted sales to Serbia after the report.
PlusIncidents implicated systems
Incident 13641 Rapport
Moltbook Database Exposure Allegedly Revealed Users' Private Communications and API Authentication Tokens
2026-01-31
Wiz researchers reported accessing an exposed Moltbook database in under three minutes, allegedly obtaining ~35,000 email addresses, thousands of private DMs, and ~1.5 million API authentication tokens. The exposure was described as enabling read/write access and potential impersonation or manipulation of "AI agent" accounts. Wiz said it disclosed the issue to Moltbook, which reportedly secured the database within hours and deleted accessed data.
PlusEntités liées
Autres entités liées au même incident. Par exemple, si le développeur d'un incident est cette entité mais que le responsable de la mise en œuvre est une autre entité, ils sont marqués comme entités liées.
Entités liées
Clearview AI
Incidents impliqués en tant que développeur et déployeur
Incidents involved as Developer
- Incident 4124 Report
Finnish Police Were Reportedly Reprimanded After National Bureau of Investigation Unit Allegedly Used Clearview AI to Identify Potential Abuse Victims
- Incident 5583 Report
Activists Allege NYPD's Application of Facial Recognition Interfered with Right to Protest
Incidents implicated systems
Facial recognition technology developers
Incidents involved as Developer
- Incident 4415 Report
South Korean Agencies Reportedly Shared Airport Travelers' Face Images with Companies to Train Immigration Facial Recognition System
- Incident 4124 Report
Finnish Police Were Reportedly Reprimanded After National Bureau of Investigation Unit Allegedly Used Clearview AI to Identify Potential Abuse Victims
Minors
Affecté par des incidents
- Incident 5135 Report
ChatGPT Reportedly Banned by Italian Authority Due to OpenAI's Purported Lack of Legal Basis for Data Collection and Age Verification
- Incident 4124 Report
Finnish Police Were Reportedly Reprimanded After National Bureau of Investigation Unit Allegedly Used Clearview AI to Identify Potential Abuse Victims
Biometric data subjects
Affecté par des incidents
- Incident 4415 Report
South Korean Agencies Reportedly Shared Airport Travelers' Face Images with Companies to Train Immigration Facial Recognition System
- Incident 4124 Report
Finnish Police Were Reportedly Reprimanded After National Bureau of Investigation Unit Allegedly Used Clearview AI to Identify Potential Abuse Victims
Facial recognition technology
Incidents implicated systems
- Incident 4415 Report
South Korean Agencies Reportedly Shared Airport Travelers' Face Images with Companies to Train Immigration Facial Recognition System
- Incident 4124 Report
Finnish Police Were Reportedly Reprimanded After National Bureau of Investigation Unit Allegedly Used Clearview AI to Identify Potential Abuse Victims
Surveillance technology developers
Incidents impliqués en tant que développeur et déployeur
Incidents involved as Developer
Incidents impliqués en tant que développeur et déployeur
- Incident 4651 Report
Private Medical Photos Were Reportedly Found in LAION-5B AI Training Dataset
- Incident 7431 Report
Gemini AI Allegedly Reads Google Drive Files Without Explicit User Consent
Incidents implicated systems
People whose private images were included in AI training datasets
Affecté par des incidents
Replika
Incidents impliqués en tant que développeur et déployeur
- Incident 6365 Report
AI Romance Apps Reportedly Compromise User Privacy for Data Harvesting
- Incident 4911 Report
Replika's AI Experience Reportedly Lacked Protection for Minors, Resulting in Data Ban
Incidents implicated systems
OpenAI
Incidents impliqués en tant que développeur et déployeur
- Incident 5135 Report
ChatGPT Reportedly Banned by Italian Authority Due to OpenAI's Purported Lack of Legal Basis for Data Collection and Age Verification
- Incident 11865 Report
Reported Public Exposure of Over 100,000 LLM Conversations via Share Links Indexed by Search Engines and Archived
Incidents involved as Developer
ChatGPT
Incidents involved as Deployer
Incidents implicated systems
- Incident 9396 Report
AI-Powered Chinese Surveillance Campaign 'Peer Review' Used for Real-Time Monitoring of Anti-State Speech on Western Social Media
- Incident 5135 Report
ChatGPT Reportedly Banned by Italian Authority Due to OpenAI's Purported Lack of Legal Basis for Data Collection and Age Verification
Microsoft
Incidents impliqués en tant que développeur et déployeur
- Incident 11865 Report
Reported Public Exposure of Over 100,000 LLM Conversations via Share Links Indexed by Search Engines and Archived
- Incident 11742 Report
Microsoft Copilot Reportedly Able to Access Cached Data from Since-Private GitHub Repositories
Affecté par des incidents
Incidents involved as Deployer
Schools and teachers who were misinformed and burdened with COPPA compliance responsibilities without adequate disclosure
Affecté par des incidents
Genesia AI Friend & Partner
Incidents impliqués en tant que développeur et déployeur
Incidents implicated systems
EVA AI Chat Bot & Soulmate
Incidents impliqués en tant que développeur et déployeur
Incidents implicated systems
End users of undisclosed Middle Eastern AI-powered cloud call center platform
Affecté par des incidents
Meta
Incidents impliqués en tant que développeur et déployeur
- Incident 12771 Report
Alleged Harmful Outputs and Data Exposure in Children's AI Products by FoloToy, Miko, and Character.AI
- Incident 14711 Report
Meta Internal AI Agent Reportedly Gave Advice That Allegedly Exposed Sensitive Data to Unauthorized Employees
Affecté par des incidents
Incidents involved as Developer
Incidents implicated systems
Serbian Security Information Agency (BIA)
Incidents impliqués en tant que développeur et déployeur
People misidentified or at risk of misidentification in New Orleans
Affecté par des incidents
Real-time facial recognition alert pipeline to New Orleans Police Department
Incidents implicated systems
Automated person-tracking via clothing and physical descriptors
Incidents implicated systems
Gaggle
Incidents involved as Developer
- Incident 11671 Report
Alleged Gaggle Surveillance Alert Reportedly Leads to Arrest and Detention of 13-Year-Old Student in Fairview, Tennessee
- Incident 12131 Report
Gaggle AI Monitoring at Lawrence, Kansas High School Reportedly Misflags Student Content and Blocks Emails