Shadow AI Apps Expose Sensitive Data at Scale: 380,000 Vibe-Coded Assets Found Publicly Accessible

Massive Exposure Discovered

Israeli cybersecurity firm RedAccess has uncovered a staggering 380,000 publicly accessible assets created with vibe-coding tools from Lovable, Base44, Replit, and deployment platform Netlify. Of those, roughly 5,000—about 1.3%—contained sensitive corporate data, including customer conversations, financial records, and healthcare details.

Source: venturebeat.com

“This is the new shadow AI crisis,” said Dor Zvi, CEO of RedAccess. “Most security programs can't even detect these apps, let alone protect them.” The findings were independently verified by Axios and Wired.

Verified Data Leaks

Among the confirmed exposures: a shipping company’s app revealing vessel schedules, an internal health tool listing active clinical trials across the U.K., and full unredacted customer service logs for a British cabinet supplier. A Brazilian bank’s internal financial data was accessible to anyone who found the URL.

Other leaks included patient conversations at a children’s long-term care facility, hospital doctor-patient summaries, and incident response records at a security firm. These breaches may trigger regulatory obligations under HIPAA, UK GDPR, or Brazil’s LGPD, depending on jurisdiction.

RedAccess also found phishing sites built on Lovable that impersonated Bank of America, FedEx, Trader Joe’s, and McDonald’s. Lovable has since begun investigating and removing them.

Background: The Default Problem

Privacy settings on many vibe-coding platforms default to public. Apps become indexed by Google and other search engines unless users manually switch them to private. “I don’t think it’s feasible to educate the whole world around security,” Zvi commented. “My mother is vibe-coding with Lovable—no offense, but she won’t think about role-based access.”

This isn’t an isolated finding. In October 2025, Escape.tech scanned 5,600 vibe-coded applications and found over 2,000 high-impact vulnerabilities, 400+ exposed secrets like API keys, and 175 instances of personal data exposure—all in live production systems. Escape later raised an $18 million Series A to address the security gap opened by AI-generated code.

What This Means

Enterprise security teams now face a new attack surface invisible to traditional monitoring tools. Vibe-coded apps can bypass approval workflows, connect directly to live databases, and be deployed in hours—all without IT oversight.

“The corporate perimeter has expanded to include every prototype built over a weekend,” said an industry analyst. Organizations must implement automated scanning for shadow AI apps and enforce default-private configurations. Until then, sensitive data will continue to leak through these unseen cracks.
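What "automated scanning for shadow AI apps" looks like in practice is an inventory-and-triage loop: fetch each prototype URL the organization knows it owns without credentials, record the response, and rank the results by exposure. The following Python is an added example written for this article, not code from RedAccess, Lovable, Base44, Replit or Netlify. It runs entirely offline on constructed response records (the example-prototype.app hostnames, the bodies and the detection patterns are all made up for illustration); in a real inventory the records would come from the organization's own list of deployed apps.

```python
"""Offline triage of an organization's own vibe-coded prototypes.

Each Response below stands for one unauthenticated fetch of an app URL.
The records, hostnames and patterns are constructed for this example.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Response:
    """Captured result of fetching one app URL without credentials."""
    url: str
    status: int
    headers: dict[str, str]
    body: str


# Data that should never be readable behind an unauthenticated URL.
# Patterns are deliberately narrow and constructed for this example;
# a production scanner would use a proper DLP rule set.
SENSITIVE_PATTERNS = {
    "api_key": re.compile(r"\b(?:sk|pk)_(?:live|test)_[A-Za-z0-9]{16,}\b"),
    "email": re.compile(r"[\w.+-]+@[\w-]+\.[\w.]+"),
    "iban": re.compile(r"\b[A-Z]{2}\d{2}[A-Z0-9]{11,30}\b"),
    "health_term": re.compile(r"\b(?:diagnosis|patient|clinical trial)\b", re.I),
}

# <meta name="robots" content="noindex"> opts a page out of search indexing.
NOINDEX_META = re.compile(
    r'<meta\s+name=["\']robots["\']\s+content=["\'][^"\']*noindex', re.I
)


def is_indexable(resp: Response) -> bool:
    """A readable page is indexable unless the server or the page opts out."""
    headers = {k.lower(): v for k, v in resp.headers.items()}
    if "noindex" in headers.get("x-robots-tag", "").lower():
        return False
    return NOINDEX_META.search(resp.body) is None


def sensitive_findings(body: str) -> list[str]:
    """Names of the sensitive-data patterns that match the page body."""
    return sorted(name for name, pat in SENSITIVE_PATTERNS.items() if pat.search(body))


def triage(resp: Response) -> dict:
    """Classify one asset by what an anonymous visitor can read."""
    if resp.status in (401, 403):
        # The app at least challenges for credentials.
        return {"url": resp.url, "verdict": "private", "indexable": False, "findings": []}
    if resp.status != 200:
        # Redirects, errors and offline apps are not readable as fetched.
        return {"url": resp.url, "verdict": "not-readable", "indexable": False, "findings": []}
    findings = sensitive_findings(resp.body)
    verdict = "public-sensitive" if findings else "public"
    return {"url": resp.url, "verdict": verdict,
            "indexable": is_indexable(resp), "findings": findings}


def triage_inventory(responses: list[Response]) -> list[dict]:
    """Worst first: sensitive public apps, then public, then the rest."""
    order = {"public-sensitive": 0, "public": 1, "not-readable": 2, "private": 3}
    return sorted((triage(r) for r in responses), key=lambda t: order[t["verdict"]])


# Constructed sample inventory: four prototypes as an anonymous visitor sees them.
SAMPLE_RESPONSES = [
    Response("https://support-logs.example-prototype.app/", 200,
             {"Content-Type": "text/html"},
             "Ticket #4411 from jane.doe@example.com: patient reports delayed "
             "delivery of mobility aid."),
    Response("https://dashboard.example-prototype.app/", 401,
             {"WWW-Authenticate": "Basic realm=\"dashboard\""}, "Unauthorized"),
    Response("https://shipping-schedule.example-prototype.app/", 200,
             {"X-Robots-Tag": "noindex, nofollow"},
             "Vessel ETA table: MV Example departs berth 4 on Monday."),
    Response("https://checkout-demo.example-prototype.app/app.js", 200,
             {"Content-Type": "application/javascript"},
             "const stripeKey = 'sk_live_abcdefghijklmnop1234';"),
]


if __name__ == "__main__":
    for item in triage_inventory(SAMPLE_RESPONSES):
        flags = ", ".join(item["findings"]) or "-"
        print(f"{item['verdict']:17} indexable={item['indexable']!s:5} "
              f"{item['url']}  [{flags}]")
```

The ranking is the point: a "public" verdict with no findings and a noindex header is a configuration to fix at leisure, while "public-sensitive" with `indexable=True` is the case the article describes and belongs at the top of the queue. The sample deliberately includes a hard-coded `sk_live_` key in a served JavaScript file, because secrets shipped to the browser are a common way a weekend prototype leaks credentials rather than customer records.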

For now, the onus is on developers—and the platforms they use—to lock down defaults. As Zvi warned, “If you can’t find these apps, you can’t protect the data inside them.”
