Grok, the artificial intelligence assistant, praised Nazi leader Adolf Hitler in a series of posts deemed anti-Semitic. Copyright AFP / Lionel BONAVENTURE
More than 370,000 private conversations from xAI’s Grok app were exposed this week after a design flaw in its sharing feature made them searchable on Google and other search engines. The company’s ‘Share’ button created public URLs that were indexed by search crawlers, turning private chats into public records, according to reports.
What Happened
Grok’s Share button created public pages for conversations. Because those pages weren’t access-controlled or flagged “noindex,” search crawlers followed and indexed them, making ordinary chats (and, in some cases, attachments) discoverable to anyone. This mirrors the July 31st incident, where ChatGPT’s opt-in “discoverable” share links also ended up indexed, prompting OpenAI to disable the feature and coordinate removals.
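An added example (not from the article or from any vendor's code) of how a team could audit its own share pages for the missing "noindex" signal described above. It classifies an HTTP response by its `X-Robots-Tag` header and robots meta tags; the function names and the sample responses are constructed for illustration.

```python
from html.parser import HTMLParser

BLOCKING = {"noindex", "none"}            # "none" means noindex + nofollow
VALUED = {"unavailable_after", "max-snippet", "max-image-preview", "max-video-preview"}
GONE = {401, 403, 404, 410}               # crawler cannot fetch the page at all


class MetaRobots(HTMLParser):
    """Collects (scope, directive) pairs from <meta name="robots|<bot>"> tags."""
    def __init__(self):
        super().__init__()
        self.found = set()

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "").lower() for k, v in attrs}
        name = a.get("name", "").strip()
        if tag == "meta" and name in ("robots", "googlebot", "bingbot"):
            scope = "*" if name == "robots" else name
            self.found |= {(scope, d.strip()) for d in a.get("content", "").split(",")}


def header_robots(headers):
    """Parses X-Robots-Tag values; a leading 'botname:' scopes the whole value."""
    found = set()
    for value in (v for k, v in headers if k.lower() == "x-robots-tag"):
        scope, rest = "*", value.lower()
        head, sep, tail = rest.partition(":")
        if sep and "," not in head and head.strip() not in VALUED:
            scope, rest = head.strip(), tail
        found |= {(scope, d.strip()) for d in rest.split(",")}
    return found


def classify(status, headers, html):
    """Returns 'not-public', 'noindex', 'partial' or 'indexable' for a share page."""
    if status in GONE:
        return "not-public"
    parser = MetaRobots()
    parser.feed(html)
    scopes = {s for s, d in parser.found | header_robots(headers) if d in BLOCKING}
    if "*" in scopes:
        return "noindex"          # every compliant crawler is told not to index
    return "partial" if scopes else "indexable"   # 'partial': only named bots


# Constructed sample responses (status, headers, body); not captured from a real service.
OPEN_PAGE = (200, [("Content-Type", "text/html")], "<html><head><title>Shared chat</title></head></html>")
GOOGLE_ONLY = (200, [("X-Robots-Tag", "googlebot: noindex, nofollow")], "<html></html>")
HARDENED = (200, [("X-Robots-Tag", "noindex, max-snippet: 0")], '<meta name="robots" content="noindex">')
```

A "noindex" result only keeps the page out of search results; the URL is still readable by anyone who has it, so it complements access control rather than replacing it.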
Who is Most Exposed (and why)
Anyone who has used AI tools for personal or work-related tasks could be at risk. The most exposed groups include:
- Employees using personal AI accounts are a major source of sensitive prompts and file uploads, especially source code.
- Users who “shared a link to save or show a chat.” If a link is public and not noindexed, crawlers will likely find it; the impact extends beyond Google to Bing and DuckDuckGo.
Talking about the severity of the leaks, Anirudh Agarwal, CEO, OutreachX, says, “A share link is a publication, not a whisper. Once a crawler can reach it, you trigger distribution, not just disclosure; caches outlive your delete button. Set sane defaults (noindex and access controls), separate work from personal use, and keep a fast-removal playbook for Google and Bing.”
Agarwal provides some advice for impacted readers.
What to do now?
1) Check if Your Chats are Public (within 2 minutes)
Open an incognito window and search:
- site:grok.com “unique phrase from your chat”
- site:grok.x.ai “unique phrase from your chat”
Repeat this process on Bing and DuckDuckGo, saving each URL you find. (Reporters verified Grok share pages were being indexed this way.)
2) Delete the Conversation at the Source (inside X/Grok)
- X (Twitter) – Using your X settings, select “Privacy & Safety”
- Select “Data sharing and personalization”
- Select “Grok”
- You will see “Delete Conversation History”
- Confirm to “Delete your interactions, inputs, and results”
- Grok mobile app (iOS/Android): Open Settings → Data control → Delete all Conversations → confirm.
Following these steps, your chats will be removed from their systems within 30 days.
3) Google’s Cleanup Process
- Log in to your Google account
- Open the Refresh Outdated Content tool
- Enter the URL of the page or image in the required format. (For an image request, you must file a separate request on every page where the image appears.)
- Click Submit.
4) Do the Same for Bing/DuckDuckGo
- Log in to your Bing Webmaster Tools account.
- Go to their content removal page
- In the Content URL input box, enter the exact URL you found in the Bing web results (by using Copy Shortcut/Copy Link Address functionality in your browser).
- In the Removal type dropdown menu, select Remove page.
- Click Submit
Submit the links via Bing Content Removal; because DuckDuckGo sources traditional links largely from Bing, this helps both.
5) ChatGPT (shared links & chat deletion)
On the web: Settings → Data controls → Shared links → Manage
In the modal, click the trash icon to delete a shared link or the chat itself. That invalidates it.
Deleting chats (web): Hover over a chat in the sidebar, click the three-dot menu (⋯), then choose Delete. Confirm when prompted.
On Android: Tap the menu (≡) in the top-left. Locate the chat, press and hold the title. Tap the red Delete option.
On iOS: Tap the menu (≡) in the top-left. Find the chat, press and hold its title. Tap Delete (red).
6) Prevent a Future Leak
- In X → Privacy & safety → Grok, review data-sharing/training settings and avoid posting public share links. If sharing is necessary, prefer screenshots or redacted text.
Data Privacy vs. Chat leaks (Law vs. Outcome)
What Privacy Law Expects:
- Principles (GDPR Art. 5): Lawfulness, fairness, transparency; purpose limitation; data minimization; integrity/confidentiality.
- Privacy by design & default (GDPR Art. 25): By default, only necessary personal data should be accessible, not open to an indefinite number of people.
- Breach concept (GDPR Art. 4(12)): Includes unauthorised disclosure or access, even if accidental.
- Erasure (GDPR Art. 17): people can request deletion “without undue delay.” (Search caches may require separate refresh/removal requests.)
How the Grok Case Contrasts:
- Public-by-URL ≠ Privacy-by-default: Crawlable share pages run against Art. 25’s expectation that personal data isn’t accessible to an indefinite audience by default.
- Risk of unauthorized disclosure. If shared pages include personal data and become searchable, the situation aligns with the GDPR’s breach definition, even in the absence of “hacking.”
- Deletion vs. search reality: Deleting chats is necessary but insufficient; caches/snippets often linger until you file Refresh Outdated Content (and, where relevant, Search Console Removals).
What next?
A single design flaw, public share links without index protection, turned private conversations into public records. The incidents prove that sensitive material routinely flows into AI tools, and the risk of exposure isn’t confined to one platform or search engine. The incidents underscore the need for companies and individuals to clean up exposed URLs, tighten sharing defaults, and document a response plan. With new EU AI Act obligations for general-purpose AI now in effect, the bar for privacy-respecting defaults in AI products is rising.