The explosion of artificial intelligence has ushered in a new era where people can confide, learn, create and work with a tireless chatbot: ChatGPT. Developed by OpenAI and launched in late 2022, ChatGPT quickly became a global phenomenon, with hundreds of millions of users in just a few months.

More than just a convenient tool, ChatGPT has also become a place where many people come to confide, release emotions or test out creative ideas that have never been said before. Therefore, trust in the privacy and security of this platform is considered the core foundation in the relationship between users and AI technology.

However, in early August 2025, a serious incident shook that foundation. According to the prestigious technology site TechSpot, thousands of private conversations between users and ChatGPT were indexed by Google and publicly displayed on the world's largest search engine. In the blink of an eye, what seemed "only known to AI" could be read by millions of people on the Internet. The incident not only left users feeling betrayed, but also opened a major debate about the future of privacy in the era of artificial intelligence.

1. What happened? The nightmare of thousands of ChatGPT users

The security breach was first discovered by a number of Reddit and Hacker News forum users, who stumbled upon ChatGPT conversations appearing publicly on Google Search. With just a few keywords like "chat.openai.com/share" or "site:chat.openai.com" , one can find thousands of chats, many of which are extremely personal, sensitive and never intended to be shared by their owners.

The exposed chats were not the result of a hack, nor were they the result of a traditional security flaw. The real culprit was OpenAI’s opt-in chat sharing feature, which was designed to help users share useful chats on social media or the web. But the feature’s “vague” description and lack of clarity about the risks of the feature led many to misunderstand how public their chats actually were when they hit the “share” button.

According to Fast Company, using just a regular search engine, they discovered nearly 4,500 conversations, many of which contained extremely sensitive content, from mental health issues, personal trauma, broken relationships to internal corporate information.

2. Why is it so serious? The cost of data ignorance

One of the factors that makes the issue particularly serious is that many people don’t realize that when they share a chat, they’re allowing the world, including Google, to index and access that content. While OpenAI does display a warning before users share, the language used is “friendly,” and doesn’t make clear that the consequences could be that these chats could be on the internet forever.

The result was a series of people who were suddenly “exposed.” Some users shared that they had used ChatGPT as a “confidant,” expressing their innermost thoughts that they had never told anyone, not even their therapists. Some chats revealed fears related to past abuse, plans to escape violent families, and even questions related to suicide.

More worryingly, some corporate employees have used ChatGPT to conduct work, such as summarizing meeting minutes, rewriting code, or asking for marketing strategy suggestions. When these conversations are shared publicly, the consequences are not only personal injury but also legal risks and loss of trade secrets.

3. Samsung case

One of the most memorable incidents involving ChatGPT occurred in 2023, when several Samsung Electronics employees unwittingly shared confidential information with ChatGPT. They used AI to help debug source code and rewrite internal code, unaware that what they entered could be stored by OpenAI and used to train models.

As a result, secret code leaked into third-party systems without being checked, forcing Samsung to completely ban the use of ChatGPT internally and implement stricter AI management policies.

The recent incident with ChatGPT’s sharing feature is a repeat of the old mistake in a new context, but this time the consequences are much more far-reaching. It is no longer just businesses, but thousands of individuals around the world that have been affected.

4. US courts and data retention orders

Another surprising fact: Even if users don’t share their chats, the data doesn’t always belong to them. A US court ruling related to copyright lawsuits against OpenAI forced the company to store all ChatGPT conversations indefinitely as part of its investigation.

That means every piece of information a user has ever entered, from simple queries to intimate stories, is sitting on OpenAI's servers and can be legally required to be released if necessary.

This makes the concept of “AI privacy” all but impossible in the current regulatory environment, especially in the U.S. Users, whether they realize it or not, are at risk of losing complete control over the data they once thought was private.

5. OpenAI's response

In response to backlash from users, the media, and security experts, OpenAI removed the public sharing feature and announced it was working with Google to remove the indexed results.

However, experts say this response is “late” and not thorough. Content that has been indexed by Google, once cached or copied on other platforms, cannot be completely deleted. Some sensitive chats have been re-shared on forums, blogs, and even TikTok videos, making users victims of uncontrolled spread.

At the same time, OpenAI’s feature description policy has also been heavily criticized. The language of “useful sharing” without emphasizing the consequences can lead to serious misunderstandings. Especially in a context where many users are not deeply tech-savvy, the line between “temporary sharing” and “permanent presence on the internet” is blurred.

6. That alternative is Proton's Lumo 

As trust in popular AI chatbots is shaken, some security companies have begun to roll out alternatives that focus on absolute privacy.

Among them is Lumo, an AI chatbot developed by Swiss security company Proton, which is also behind the encrypted email service ProtonMail. Lumo operates on the following principles:

• End-to-end encryption of entire conversations.

• Chat content is not stored on the server.

• No personal information collected.

• No ads shown.

• Open source, allowing independent review and improvement contributions.

With Lumo, users can interact with chatbots without fear of information being recorded or shared for the wrong purpose. This is considered the first positive response in the AI ​​market to address security vulnerabilities that ChatGPT and similar platforms have not done well.

7. When technology develops faster than legal and ethical awareness

This incident is not just a technical error, but also a wake-up call to the fact that technology is evolving faster than legal and ethical frameworks. When AIs like ChatGPT are deployed at scale to hundreds of millions of people without mandatory standards of security, privacy, and accountability, the risks are not just individual but systemic.

Users need to be aware that anything they type into an AI can be recorded. There is no guarantee that seemingly innocuous text will not one day end up in a court of law, in the press, or in the memory of a hacker.

8. Conclusion

ChatGPT has been hailed as a revolution in human-machine communication. But that revolution only truly matters when it respects human boundaries, especially the boundaries of privacy and personal data security.

The leak of thousands of Google chat logs is not just an operational error, but a manifestation of a major flaw in product design, risk management, and user communication. As AI platforms race to improve speed and language processing, perhaps it’s time for the tech industry to slow down and take a deeper look at what works and what could hurt people.

Trust is the most precious asset. Once lost, it is very difficult to regain. And AI, if it does not protect that trust, will never truly become a companion of humanity.