Cuties AI Breach Exposes 144K User Profiles

Overview

In March 2026, the NSFW AI companion platform Cuties AI experienced a data breach where a hacker publicly released user data on a forum. The incident compromised 144,250 unique user accounts. This breach is particularly sensitive due to the platform’s adult-oriented nature and the personal data involved, which extends far beyond basic contact information.

What Was Exposed

The stolen dataset includes several layers of personal information. The core identifiers are email addresses and user display names. More critically, the breach exposed the specific prompts, descriptions, and preferences (stated as “female” or “trans”) users entered to generate AI adult images. URLs linking directly to the generated image content and the associated creator accounts were also leaked. This creates a direct link between a user’s real-world email, their platform identity, and their private, intimate creative activity.

Potential Impact

The exposure of email addresses and names opens users to targeted phishing attacks, where bad actors can craft convincing messages referencing “Cuties AI” to steal more information. The primary risk, however, stems from the exposed AI prompts, preferences, and image URLs. This data is deeply personal and could be used for blackmail, harassment, or public shaming if linked back to an individual. For users in regions or professions where such activity could carry severe social, legal, or professional consequences, the impact is significantly heightened.

Recommendations

Immediately change the password for the email address used on Cuties AI, and enable two-factor authentication (2FA) if available. Since this email is now public, be hyper-vigilant for phishing emails that may reference Cuties AI or other adult services. Do not click on links or open attachments from suspicious senders. Consider using a unique, separate email address for sensitive online activities in the future. Monitor your other online accounts for any unusual activity.

How to Check If You’re Affected

The breach has been added to the database of Have I Been Pwned. To check if your data was compromised, visit the dedicated breach page at https://haveibeenpwned.com/Breach/CutiesAI and enter your email address. This service will confirm if your information was part of the leaked dataset.

Security Insight

This breach highlights the extreme responsibility companies handling highly sensitive user data have to implement robust security. The exposure of not just account details but the intimate metadata of user interactions (prompts, preferences, image links) represents a profound failure of data stewardship. Unlike a simple email leak, this incident shows how breaches can expose behavioral and preference data, creating unique risks that standard credit monitoring cannot address. For more on evolving digital threats, follow our cybersecurity news coverage.

Further Reading

• All Medium Breaches
• Recent Data Breaches