A recent security investigation revealed a widespread leak of personal data, including photos and videos, by a number of artificial intelligence applications available on the Google Play Store. These insecure apps have raised serious concerns about data privacy on Android phones.

Among these applications, “Video AI Art Generator & Maker” stands out as one of the most famous examples. This app, which uses artificial intelligence to edit photos and videos, had been downloaded more than 500,000 times before the flaw was discovered.

According to security analyses, the volume of data leaked through this application alone exceeded 12 terabytes, including more than 1.5 million personal photos uploaded by users, more than 385 thousand original videos, millions of files generated by artificial intelligence, in addition to millions of photos and audio videos generated by these technologies.

The defect was not limited to this application only, but reports indicated that another application from the same developer, called “IDMerit,” leaked sensitive data related to identity verification, such as user names, addresses, dates of birth, and even personal identity files in more than 25 countries.

This type of data is considered a “valuable asset that can be used for fraud and identity theft.”

The researchers attributed the main reasons for these leaks to “the lack of strong monitoring by some developers on how data access is managed.”

These security errors not only reveal the weaknesses of applications, but also highlight “serious gaps in how application developers deal with sensitive data, especially when these applications are granted broad access powers without sufficient scrutiny.”

After revealing these leaks, Google cooperated with the relevant developers to secure the affected databases and close public access to the leaked files. Some applications have also been deleted from search results in the Google Store.

However, “there has not yet been an official statement issued by Google explaining the steps it has taken to ensure that incidents do not recur or to ensure that users are protected against similar risks in the future.”

On the other hand, cybersecurity experts stress the need for users to be “very careful when granting access to sensitive images, files, or data to applications, especially those that do not have reliable ratings or strong technical reviews.”