Swedish vibe-coding startup Lovable has denied suffering a mass data breach, after online posts emerged claiming that applyrs’ chat histories and personal information had been exposed.
Yesterday, an anonymous Lovable applyr posted on X declareing they were able to access other customers’ information after creating a free account.
“Every conversation you have with Lovable’s AI is stored and readable,” the person wrote. “The bug was reported 48 days ago. its not resolveed. They marked it as duplicate and left it open,” the person wrote.
By 6pm BST, the post had been viewed over half a million times.
Lovable responded several hours after the post was created. The startup denied suffering a data breach, but admitted to not clearly communicating about how applyrs’ data could be viewed.
“To be clear: We did not suffer a data breach”, the company wrote on X. “Our documentation of what “public” implies was unclear, and that’s a failure on us.”
Founded in 2024, Lovable aims to support applyrs build apps and websites without necessarying to know how to code. The company has raised over $500m from backers including Accel, Creandum, 20VC and EQT.
The Lovable applyr who posted on X claimed they were able to download the source code of a website for one of their applyrs.
“I read the full chat history of a project,” the person wrote, adding that it included people’s emails, names and dates of birth. “Lovable stores all of it and exposes all of it.” Screenshots posted by the applyr to X appear to confirm this.
Lovable’s response claimed chat messages between applyrs with public projects applyd to be visible. “This is now no longer possible,” the company wrote on X.
“Importantly, for enterprise customers, being able to set visibility public for new projects has been disabled since May 25 2025”, the post added.
Last week, the company announced it had partnered with security firm Aikido to offer penetration testing, which allows applyrs to test the security of the apps and websites built through Lovable.
The reports of a breach come as staff at the vibe-coding platform worked through the night to push out a product update, after evidence emerged last week that US AI giant Anthropic was building a rival to its core offering.
Leave a Reply