comscore
हिंदी
  • Home
  • AI
  • Installed these apps? They may have leaked your photos and personal data

Installed these apps? They may have leaked your photos and personal data

Several Android apps on the Google Play Store were found exposing user photos, videos, and KYC data due to security gaps. Here’s what you need to know.

Published By: Shubham Arora | Published: Feb 24, 2026, 05:03 PM (IST)

Google trends
  • whatsapp
  • twitter
  • facebook
  • whatsapp
  • twitter
  • facebook

Several Android apps available on the Google Play Store were recently found exposing large volumes of user data because of basic security gaps. Cybersecurity researchers say some AI-based apps, including those promoted for photo editing and identity verification, left personal files accessible because of misconfigured cloud storage. news Also Read: WhatsApp could soon let you tap to reveal hidden text: How it works

Millions of files exposed

According to a report by Cybernews, one app called Video AI Art Generator & Maker leaked more than 1.5 million user images and over 385,000 videos. The app reportedly had over 500,000 downloads before the issue was flagged. news Also Read: WhatsApp may soon let users add a password to their accounts

Researchers found out that a Google Cloud Storage bucket linked to the app had not been secured properly. This meant stored files could be accessed publicly without any login or authentication. As per the report, over 12 terabytes of media files were leaked, including user uploaded photos, videos, and AI-generated content. news Also Read: How to move from iPhone to Android using Apple’s new iOS 26.3 tool: Quick steps

Following the findings, the app was removed or hidden from the Play Store.

Identity verification app also affected

Another app, called IDMerit, from the same developer was also found to have leaked sensitive user information. This included know-your-customer (KYC) data, which is collected by companies to verify identity.

Reports say the exposed data included full names, addresses, phone numbers, dates of birth, national IDs, and email addresses. The affected records belonged to users in the United States and several other countries.

After researchers notified the developer, access to the exposed data was reportedly secured.

A wider security issue

Experts warn that the issue may not be limited to just these two apps. Cybernews said that 72 percent of the Play Store apps it analysed had similar vulnerabilities. One common problem is “hardcoding secrets,” a practice where developers embed sensitive information such as passwords or API keys directly into the app’s source code. If these are exposed, they can be misused almost immediately.

What users can do

If you have recently installed AI editing or identity verification apps, it may be a good idea to review them. Check the developer’s profile, go through user reviews, and see whether the developer has Google’s Verified badge.

Add Techlusive as a Preferred SourceAddTechlusiveasaPreferredSource

You can also perform a Play Protect scan on your device. To do this, open the play store, tap your profile icon, go to Play Protect, and scan your phone for harmful apps.