Tony Kim
December 18, 2024 09:24
Character.AI reported a brief incident where user data was exposed to others for 10 minutes. The company has put additional safeguards in place to prevent this from happening in the future.
Character.AI recently resolved a data privacy incident where certain user information was accidentally exposed to other users for a brief 10-minute period. According to the Character.AI blog, the company emphasized its commitment to user trust, safety, and privacy.
details of the case
This incident occurred while updating the recommended character list on the Character.AI homepage, which inadvertently disclosed some user account information. These impressions may include the user’s username, name, biography, character, home page, persona, voice, or chat. However, research has shown that typically only one section of a user’s account is visible to others.
When it comes to chat content, most affected users only displayed the first page of chat where a single character was exposed. The issue was quickly resolved by the Character.AI team, lasted approximately 10 minutes, and affected less than 0.01% of users.
Implement preventive measures
In response to this incident, Character.AI has revised its procedures for making changes to critical infrastructure. The company has introduced additional technical controls to ensure that any changes meet quality standards and to prevent similar problems from occurring in the future.
Character.AI acknowledged the violation of user trust in this incident, expressed regret, and pledged its efforts to ensure the privacy and safety of user information. The company is making every effort to prevent recurrence.
Image source: Shutterstock