From 0 to 1

Are AI Girlfriend Apps Safe? • The privacy question nobody answers honestly

June 30, 2026

"Are AI girlfriend apps safe" gets asked in two very different ways. One is about mental health, whether talking to an AI companion is healthy for you. We've written about that question elsewhere. This article is about the other meaning: is your data safe. Who can see your conversations. What happens if the company gets hacked. That question has a clearer answer, and the honest version of it is not always flattering to this industry.

What actually happened at Muah.ai

In September 2024, the AI companion site Muah.ai was breached. A hacker exposed roughly 1.9 million email addresses, many of them tied to real names, along with the actual chat and image prompts users had submitted to their companions. This wasn't a leak of usernames and hashed passwords. It was people's private roleplay conversations and fantasy image requests, attached to their real identities. The hacker who found the flaw told reporters at 404 Media that the platform was, in their words, a handful of open source projects duct taped together. Researchers who reviewed the leaked prompts also found a disturbing number that described child exploitation scenarios, which several outlets and legal analysts flagged as a serious criminal exposure for the company, not just a privacy failure.

We wrote a full breakdown of the incident and what it means if you're comparing AI companion apps. You can see the full comparison here.

Muah.ai was not an outlier

It's tempting to treat Muah.ai as a one-time story about one badly built app. It wasn't. In October 2025, security researchers at Cybernews found that two other AI companion apps, Chattee Chat and GiMe Chat, had left a server open to the public with no authentication at all. More than 43 million intimate messages and over 600,000 images and videos were exposed, affecting more than 400,000 users. The cause was mundane and avoidable: a database component left unlocked on the open internet.

Separately, the security firm Oversecured audited 17 popular AI companion apps on Google Play with a combined 150 million plus downloads and found 14 critical and 311 high severity vulnerabilities across them. And in 2025, Italian data protection regulators fined Replika's developer five million euros for GDPR violations, citing processing user data without a valid legal basis, unclear data retention practices, and inadequate age checks. None of this means every AI companion app is unsafe. It means the category as a whole has a track record, and that track record is worth knowing before you type anything private into one.

What to actually check before you trust an app

Marketing pages rarely tell you the things that matter. Here's what we'd actually look for.

Where does your conversation actually go. Some companion apps route your messages to a third party model provider, which means your chats pass through and may be stored by a company you've never heard of, under terms you never agreed to directly. Others host their own models on their own infrastructure. That distinction matters more than almost anything else on a privacy checklist, because it determines how many parties have a copy of your conversation and how many separate breach risks exist.

What happens to your data after the conversation ends. Is it kept indefinitely, is it used to train future models, can you delete it, and does the privacy policy actually say so in plain language rather than vague legalese. If a company can't tell you its retention window in one sentence, that's a sign the practice was never designed with you in mind.

Has the company had a breach before, and how did it respond. A breach isn't automatically disqualifying, security failures happen across the entire tech industry. What matters is whether the company had basic protections in place, whether it disclosed the incident honestly, and whether it fixed the underlying cause. A pattern of open, unauthenticated databases is a different story than a sophisticated attack against a well secured system.

Where we land on this

We built Eudaio to run local AI models on our own GPUs rather than routing conversations through a third party model provider. Even our own developers can't read your chats without your explicit permission. We've written more informally about the infrastructure decisions behind that, including why we chose SOC compliant servers over cheaper options, in Off-Script.

We're not going to tell you no breach is possible, because no honest company can promise that. What we can tell you is that the questions above are the right ones to ask any AI companion app, including us. Ask where your data goes, ask how long it's kept, ask what happened the last time something went wrong. If an app won't give you a straight answer, that itself is the answer.

"Safe" isn't a single yes or no for this category of app. It's a set of specific, checkable practices, and the companies that take it seriously will happily walk you through them instead of hiding behind a generic privacy policy nobody reads.

SomeOne