/industry-wired/media/agency_attachments/2024/12/04/2024-12-04t130344212z-iw-new.png)
/industry-wired/media/agency_attachments/2024/12/04/2024-12-04t130332454z-iw-new.jpg)
/industry-wired/media/media_files/2025/06/03/D4NipFcliCYpts8Aoswk.jpg)
/industry-wired/media/media_files/2025/06/03/D4NipFcliCYpts8Aoswk.jpg)
Is Perplexity AI Safe? Experts Uncover Major Security Flaws in 2025
Artificial intelligence has transformed businesses worldwide, but as technology continues to evolve, so do security risks. Perplexity AI, a leading provider of AI-driven search and content generation technologies, has come under scrutiny following a security assessment conducted by researchers. This investigation revealed significant security vulnerabilities associated with its use.
Perplexity AI boasts over 10 million active users, raising concerns about its security. A joint effort by Darktrace, a cybersecurity research firm, and the Stanford AI Ethics Lab uncovered severe security flaws that could potentially be exploited for malicious purposes.
Critical Security Concerns Associated with Perplexity AI
1. Privacy and Data Breaches
WIRED published an article in 2025 indicating a possible safety issue with the Perplexity AI API, which granted the government unlimited access to all stored user interactions. The vulnerabilities found were observable vulnerabilities that were, in fact, definitely more insecure than other encrypted chat apps, like ChatGPT-5. Security experts warned that this kind of exposure to unencrypted chat logs would result in intercepted communications, potentially compromising confidential business data or private information.
2. Vulnerability to Prompt Injection
Cybersecurity firm Check Point Research has found that the views of smart agents, such as Perplexity AI, can be easily manipulated by a prompt, leading to accidental exposure to sensitive information. Although this illustrates a well-known performance flaw in chat models and was conducted in a test environment, it raises concerns about the handling of sensitive information and its implications for enterprise deployment.
3. Ambiguity of Data Usage Policy
Perplexity Early in 2024, AI revised its privacy policy. The policy was vague about how user information would be shared with third parties. A report by TechCrunch discussed a case where user input could be used for unspecified training in a manner that likely doesn't align with GDPR or CCPA.
4. Weak Authentication Protocols
Google's Gemini AI supports multi-factor authentication (MFA) at login, while Perplexity does not. Such short-sightedness, if you will, makes accounts using Perplexity susceptible to credential-stuffing attacks. A report by Kaspersky found that in 2025, over 15% of AI-related breaches were caused by poor authentication.
How Users and Businesses Can Protect Against It
1. Use End-to-End Encryption
Firms that use Perplexity AI must request encrypted data transmission. Consider ProtonMail's secure email feature, for instance: their encryption prevents any leaks.
2. Routine Security Audits
IBM Security recommends conducting regular penetration tests to identify vulnerabilities before an attack occurs.
3. Promote Clear Patterns of Data Use
Users should hold AI firms accountable for ensuring that policies regarding data usage patterns are transparent. The EU AI Act (2025) has legislatively encoded more responsibility for AI vendors.
4. Create Strong Access Controls
Adding multi-factor authentication and role-based access can greatly minimize unauthorized usage. Other companies can utilize Microsoft's heavily protected Azure AI.
Conclusion: The Way Forward: AI Potential vs. Security
The high number of detected vulnerabilities in Perplexity AI in 2025 highlights a critical issue in the global technological landscape: the need to strike a balance between the potential of artificial intelligence and safety considerations. While the platform offers impressive capabilities, these vulnerabilities remind us not to overlook its weaknesses. Businesses that utilize AI must adopt proactive security measures, and users need to reassess the risks of sharing sensitive data. Regulatory agencies are increasingly vital in the global environment, requiring AI technologies like Perplexity to continually adapt and evolve. In a world where trust is essential, addressing security cannot be an afterthought.
Researchers discovered that Perplexity AI lacked adequate safeguards against debugging features and developer exploits, which provided attackers with a clearer understanding of the app's functionality. The absence of these protections significantly increased the potential for identifying and exploiting vulnerabilities.