The conversation around artificial intelligence and privacy feels like it’s on repeat: once again, a chatbot has been caught exposing private conversations, this time making them searchable on Google.

It’s becoming a pattern in the AI industry. Reports keep surfacing about chatbot conversations being leaked, indexed, or otherwise made public. We’ve seen this before: OpenAI had to remove ChatGPT’s “share” feature when users realized their chats were accessible to anyone, Meta AI faced backlash for exposing conversations through search and a bug, McDonald’s experienced leaks from its AI hiring bot, and even the so-called “AI girlfriend” scandal revealed highly personal interactions after a massive breach.

In many of these cases, developers assumed users understood that a “Share” button meant their chats were publicly visible. But users were often shocked to discover just how public their information became.

Now, a similar issue has surfaced with Grok, the AI chatbot developed by xAI and launched in November 2023 by Elon Musk. According to Forbes, when Grok users pressed the “Share” button to send a chat transcript, those conversations weren’t just shared via a private link—they were also made searchable by Google, Bing, and DuckDuckGo. In some cases, this happened without the user’s clear knowledge or consent.

This means that even if account details were hidden, the actual prompts—the instructions written by users—could still expose sensitive or personal information. Forbes noted that some leaked Grok chats included private questions about health and psychology, and the BBC reported cases where the bot provided step-by-step instructions for creating a Class A drug.

This incident underscores a recurring problem: privacy in AI is often treated as an afterthought rather than a core design principle. Until that changes, users must remain cautious about what they share with chatbots.

How to Use AI Safely

While AI development continues at a breakneck pace, often outpacing security and privacy safeguards, users can take proactive steps to protect themselves:

1. Be mindful of the platform. If you’re using AI built by a social media company (Meta AI, Grok, Bard, Gemini, etc.), avoid being logged in to the associated social account. Linking chat data to those accounts could expose personal details.
2. Keep conversations private. Many AI tools offer “Incognito” or private modes. Use them whenever possible, and think twice before using “Share” options. Remember: even private chats can still be leaked through bugs or breaches.
3. Never share sensitive data. Avoid giving AI any personal, financial, or medical details.
4. Understand privacy policies. They can be long, but even a quick AI-generated summary can help you identify risks.
5. Protect your identity. Never share personally identifiable information (PII) with any chatbot.

Final Thoughts

The Grok incident is just the latest reminder that AI tools can inadvertently expose private conversations to the public. For organizations and individuals alike, security and privacy must remain a priority when integrating AI into daily life. Until AI providers adopt stronger safeguards by default, the safest policy is simple: treat every chatbot conversation as if it could one day be made public.

Source: https://www.malwarebytes.com/blog/news/2025/08/grok-chats-show-up-in-google-searches