Meta has resolved a critical bug that exposed private AI prompts and responses to other users.
The issue affected Meta AI’s chat platform, which allows users to interact with generative AI by submitting custom prompts.
Sandeep Hodkasia, founder of security firm AppSecure, discovered the flaw. He responsibly reported the issue to Meta on December 26, 2024.
In return, Meta awarded him $10,000 through its bug bounty program. The company confirmed it fixed the problem by January 24, 2025.
And according to Meta, there was no evidence that the bug had been misused.
The Bug
The bug occurred when users edited their AI prompts. Each prompt and its response received a unique ID number on Meta’s servers.
However, the system failed to confirm if the person requesting that data had permission to view it.
By monitoring browser activity, Hodkasia found he could change the prompt ID number manually.
When he did, the system displayed a completely different user’s prompt and response. This happened because Meta’s servers did not verify ownership of the prompt.
The ID numbers were also predictable. That made it easier for someone to write a program that could guess multiple IDs quickly.
In theory, this could have exposed a large number of private prompts.
Meta’s Response
Meta responded quickly after the report. It released a patch less than a month later.
The company reviewed the issue internally and found no signs of abuse. Meta also thanked the researcher and confirmed that user data remains secure.
Meta spokesperson Ryan Daniels told TechCrunch, “We found no evidence of abuse and rewarded the researcher.”
AI Privacy
This is not Meta’s first privacy issue with AI. Earlier in 2025, users unintentionally shared private chatbot conversations publicly.
That incident, combined with this bug, suggests challenges in protecting AI interactions.
