New AI Vulnerability Disclosed: Claude Can Leak Names and Employers
A security researcher has revealed a method allowing the AI Claude to inadvertently send user personal information, such as names and employers, to external websites.

Security researcher Ayush Paul has disclosed a vulnerability in the AI service Claude that could lead to the leakage of user personal data. According to Paul, the AI can unintentionally transmit information about a user's name, employer, and even hometown to external websites without user consent.
The vulnerability stems from Claude's ability to remember and utilize past conversations. The AI employs two memory mechanisms: a daily summary of recent dialogue and a tool for retrieving complete conversation histories on demand. While this enhances the AI's capacity to tailor responses, it can also accumulate substantial user information over prolonged use.
Paul demonstrated the vulnerability by asking Claude to compare real coffee shop URLs with malicious links. In this context, the AI encoded the user's name into the URL. Further prompting could also reveal the employer's name and hometown, data potentially usable for financial institution verification.
Paul reported the issue through Anthropic's bug bounty program. Although Anthropic was aware of the problem, it remained unfixed at the time of Paul's report. The company has since disabled Claude's ability to follow links on external webpages to prevent similar data leaks.