A stark reminder that even the smallest of vulnerabilities can be exploited.
- The breach directly granted access to 22 million session records and 3.47 million usernames and email addresses or similar identifiers
- The platform, which claims privacy and security as core tenets of its offerings, is often used for intimate or explicit conversations with strangers, making this security flaw a critical issue
- The leaks also contained sensitive metadata that can be tied back to users, including device details, gender, payment information, and geolocation-specific information such as IP addresses, country, and language
In what is being treated as a major cybersecurity lapse, the randomized video chat platform FTF Live may have unwittingly compromised millions of its users due to a misconfiguration.
The breach effectively exposed information from potentially as many as 3.47 million identifiable users across 22 million sessions, thanks to an openly accessible Kibana dashboard spotted by security researchers, which was subsequently disclosed to the company's owners.
A significant security lapse
The leak gave access to significant amounts of user metadata, leaving users of the platform exposed when it comes to their identity, location, and payment information. That allows for the targeting of vulnerable users, such as those in LGBTQ+ communities abroad, those engaging in sensitive or explicit conversations, and even minors.
The leak also exposed backend logs of the service through an unsecured instance of Dozzle, a browser-based log viewer, which researchers describe as a secondary exposure for the platform. It not only provided a bird's-eye view of how the entire service functioned, but also exposed plain-text passwords, session tokens, and even internal API requests.
Cybernews researchers said: “The combination of public Kibana and public Dozzle instances creates a severe security risk,” while noting that they had already made attempts to contact the company about the severity of their findings.
While Cybernews attempted to contact the company behind the FTF Live platform, it was met with silence, even as it sought to navigate a complex ownership structure that it says raises transparency concerns.
The since-taken-down Android app was published under 'Burhan LTD', while the privacy policy on the site identifies the owner as Cyprus-based Cooy Ads Ltd, even as its data controller, customer support, and branding seem to be under the Pixover name.
A lack of response from the company has researchers even more concerned, given the severity of the disclosure, the sheer number of records potentially being exposed, and the fact that the duration of public exposure has yet to be established.
“The leak turns what many people assume to be anonymous and throwaway interaction into a highly traceable data trail,” researchers noted while highlighting that issues include account compromises, targeted scams, or even stalking by motivated entities.
While it is important to note that no raw video conversations appear to have been exposed, the breach does allow users to be tracked, identified, and monitored by a third party with access to said information. Researchers describe this as both a serious breach and an alarming level of inaction from the owners of the website, and point to it as a broader industry issue surrounding “anonymous” communication platforms.
Rahim Amir, Contributor. Rahim Amir is a UAE-based tech writer who enjoys building PCs as much as he enjoys writing about them. He has been professionally writing about PC hardware since 2023, focusing on buyer’s guides, hardware reviews, and sponsored content and features related to tech.
Having built hundreds of gaming PCs and being an avid gamer in his spare time, Rahim tends to have stronger opinions about hardware than most. This is particularly on display when he gets his way with powerful, but minimalistic RGB builds even as Small Form Factor (SFF) PCs come a close second.