2021 API Vulnerability

2021 API Vulnerability

Playing AI Dungeon

Getting StartedGetting StartedAI Dungeon 101AI Dungeon 101Adventure AwaitsAdventure Awaits

Common Questions

AI Model DifferencesAI Model DifferencesAbout the AIAbout the AIAccount QuestionsAccount QuestionsMemberships & BenefitsMemberships & BenefitsPrivacy & SecurityPrivacy & SecurityTerms of ServiceTerms of ServiceOther QuestionsOther QuestionsCommunity Community Feedback & BugsFeedback & BugsProduct UpdatesProduct UpdatesStatusStatusTable of ContentsTable of Contents

2021 API Vulnerability

In April 2021, we became aware of a vulnerability in the AI Dungeon API. The individual who informed us accessed our systems between April 15th, 2021, and April 19th, 2021 as part of what they said was a proof of concept, before disclosing the vulnerability and claiming to delete the data.

The vulnerability was promptly fixed and, to our knowledge, only the reporter used the vulnerability to access data. In an effort to be thorough and complete in our findings, we took too long to disclose the incident, and as a result, the individual who accessed our systems publicly shared details about their exploit with the public. These details came out around the same time we were experiencing another data incident involving a contractor one of our tech partners was using (See Taskup Data IncidentTaskup Data Incident), and so these two incidents are often perceived as one.

On this page

  • 2021 API Vulnerability
icon
image

© Latitude 2024