MYLOVELY [.]AI, an AI artwork generation platform described as an AI girlfriend service, reportedly suffered a data breach affecting 106,362 registered users, according to dailydarkweb[.]net. The breach involved a 2.1 GB JSON database from April 2026 that exposed users’ emails, user IDs, account creation dates, subscription tiers, social profile metadata, explicit images and videos, gallery and community items with direct URLs, and the exact prompts users submitted to generate NSFW content.
Two datasets containing 113,000 explicit NSFW prompts were included in the breach, with nearly 70,000 directly tied to unique user IDs, meaning deeply personal requests can be linked to individuals. The leak was posted on a dark web forum, exposing highly sensitive interactions between users and the service, and could allow doxxing and sextortion attempts as a consequence of the exposed information.
Malwarebytes cautions users that cybercriminals can correlate identifiers such as email addresses, social media handles, and explicit prompts or images to real-world identities.