Kimi Exposed for Leaking User Privacy, Incorrectly Sent Another User's Resume
On April 21st, a blogger on social media claimed that Moonshot AI (月之暗面) leaked user privacy. They stated that while using Kimi, they accidentally pasted the wrong image, and Kimi first outputted irrelevant engineering text, then directly returned a resume containing real information such as name, phone number, and email, suspected to be a resume uploaded by another user that was incorrectly sent by the system.
Subsequently, the blogger contacted the Kimi operators at Moonshot AI, who explained that the AI had experienced a hallucination and asked the blogger to delete the post.
However, the blogger contacted the person whose resume was leaked, and after confirming the timeline of events, they both stated they could not accept Moonshot AI's explanation and refused to delete the content. The official side did not provide further explanation, but the person whose resume was leaked stated that they could no longer save the record of their resume upload.
Some netizens commented: "I don't mind my resume being sent to AI, after all, the user agreement states that it will be de-identified before training, but it's too shocking to be accidentally sent to strangers in its original form like this."
The blogger stated that the purpose of their post was to remind everyone that "chat records with AI actually have a high probability of being seen by others, and this is indeed the case, for any reason."
As of now, Moonshot AI has not released any further statement regarding the incident.