Firebase Misconfiguration Exposes 300 Million Private Messages of 25 Million Users

A misconfiguration in the Chat & Ask AI app exposed 300 million private messages belonging to 25 million users. The incident stemmed from an insecure Firebase database, a backend service by Google, which was left publicly accessible without proper authentication. The exposed data included user messages exchanged with AI chatbots, though the article does not specify the exact timeframe of the exposure or the duration it remained unsecured. No additional technical details about the misconfiguration or affected AI providers (e.g., Anthropic, OpenAI, or Google’s Gemini) were provided beyond the Firebase link. The impact involved unauthorized access to sensitive user communications.