The Great AI Chatbot Data Leak: How ChatGPT, Grok, and Claude Share Your Chats

A massive AI chatbot data leak is exposing user conversations to third-party advertising networks, including Meta, Google, and TikTok. According to a new study published on May 4, 2026, by researchers at the IMDEA Networks Institute, the four largest AI assistants - ChatGPT, Claude, Grok, and Perplexity - quietly share user data with external trackers. The research project, dubbed LeakyLM, identified more than 13 embedded trackers across these platforms, none of which are disclosed to users in plain language.

Every time a user opens a chat, invisible software tools embedded in the webpage communicate with ad networks. These trackers transmit details about the user's identity, their current page, and in some cases, the exact text they typed. The most fundamental vulnerability involves the leakage of conversation URLs. Because several platforms make these web addresses publicly accessible by default, sending the URL to Meta or Google's ad systems effectively grants those companies the ability to read the chats without logging in.

Grok, the AI chatbot developed by xAI, is currently the most exposed platform. Guest conversations on Grok are public by default, requiring no login to access. The researchers discovered that TikTok's tracker received verbatim message content from Grok through Open Graph metadata - a standard web protocol used to generate preview images for shared links. This flaw essentially sends TikTok's system a direct screenshot of the user's conversation.

While Claude and ChatGPT maintain stronger access controls by keeping chats private unless explicitly shared, they still transmit conversation URLs and advertising cookies to Meta and Google. In Claude's case, this data is routed to 11 different advertising platforms directly through Anthropic's servers rather than the user's browser, rendering standard ad blockers completely ineffective. Meanwhile, Perplexity recently removed its Meta tracker following earlier scrutiny.

Because this AI chatbot data leak relies on embedded infrastructure, users must take specific manual actions to limit their exposure. Based on the current platform configurations, here is how you can protect your data:

• Grok: Navigate to your settings to restrict conversation visibility, and explicitly revoke access to any links you have previously shared.
• Claude: Reject all non-essential cookies in the platform's settings. This action successfully disables the Meta Pixel tracker.
• Perplexity: Ensure your account settings are configured to keep all conversations Private.
• ChatGPT: Reject cookies wherever possible to reduce exposure, though be aware that Google Analytics will still run for free logged-in users.

The findings of the LeakyLM study highlight a glaring contradiction in the AI industry's approach to user privacy. Platforms like Claude recently faced severe backlash for requiring government ID verification from new subscribers - a move framed around security. Yet, the revelation that Anthropic routes user data to 11 ad platforms through its own servers shows that user surveillance is still deeply embedded in their business models. The fact that TikTok can receive verbatim text via Open Graph metadata demonstrates a shocking oversight of basic web standards by these multi-billion-dollar companies.

While the researchers acknowledge there is no definitive proof that Meta or Google are actively reading these chats, the infrastructure to do so is fully operational. The research team submitted these findings to Data Protection Authorities on April 13, 2026, and notified xAI on April 17, but no company has issued a response. As the researchers prepare to analyze Meta AI, Microsoft Copilot, and Google Gemini next, it is becoming increasingly clear that the "private" AI assistant is currently nothing more than a highly sophisticated data-harvesting tool.