Character.AI Discloses Brief User Data Exposure Incident

Character.AI recently addressed a data privacy incident where certain user information was inadvertently exposed to other users for a brief ten-minute period. The company emphasized its commitment to user trust, safety, and privacy, according to Character.AI Blog.

Details of the Incident

The incident occurred during an update to the list of featured Characters on the Character.AI homepage, which mistakenly made some user account information publicly visible. This exposure could include a user's username, name, bio, Characters, homepage, personas, voices, or chats. However, the investigation revealed that typically only one section of a user's account was visible to others.

In instances involving chat content, most affected users had only the first page of a chat with a single Character exposed. The issue was swiftly addressed by the Character.AI team, lasting approximately ten minutes, and affecting less than 0.01% of users.

Preventive Measures Implemented

In response to the incident, Character.AI has revised its procedures for making changes to its critical infrastructure. The company has introduced additional technical controls to ensure that all changes meet their quality standards and to prevent similar issues from occurring in the future.

Character.AI acknowledged the breach of user trust and expressed regret over the incident, affirming their dedication to ensuring the privacy and safety of user information. The company is taking comprehensive precautions to prevent any recurrence.