A small e-commerce founder in Portland deployed her new storefront in an afternoon. A mid-sized logistics company in Munich shipped an internal dashboard over a weekend. A healthcare administrator in Singapore spun up a patient intake portal in three hours. None of them had formal security training. All of them used AI coding platforms that promised to close the gap between idea and launch. And according to a Wired investigation, thousands of apps built with Lovable, Base44, Replit, and Netlify have since exposed sensitive corporate and personal data on the public internet.
The apps are not buggy in the traditional sense. They run. They function. They get deployed. The problem is what the AI underneath them failed to account for: who gets to see what, and under what conditions. Default configurations that make sense for a prototype remain in place when the app goes to production. Authentication logic that a human developer would catch gets greenlit because the AI optimized for shipping, not for locking down. The result is a new category of breach—not the result of a sophisticated attack, but of a platform move fast and build with AI culture that treats security as optional.
Lovable, Base44, Replit, and Netlify have each positioned themselves as democratizing forces in software development. Their pitch is compelling: describe what you want in plain language, and an AI scaffold builds the application. The tools target non-engineers—founders without technical co-founders, SMBs without IT departments, operators who need solutions now. For these users, the value proposition is clear: no code, no wait, no compromise. But that promise rests on an implicit assumption that the AI handles the hard parts. Security, it turns out, is one of the hardest parts, and the platforms have not always treated it as a first-class concern.
The exposure extends beyond trivial data. The apps leaked credentials, internal documents, customer records, and in some cases, administrative access tokens that could grant full control of the underlying infrastructure. This is not hypothetical harm—it is documented in the public internet, searchable by anyone who knows where to look. The victims include the businesses that deployed these apps and, more gravely, the customers whose data those businesses collected.
The tension here is structural. AI coding platforms measure success by how quickly users can ship. Security requires friction—deliberate choices, explicit configurations, manual checks. The incentives point in opposite directions. Some platforms have begun adding security audit features, flagging common misconfigurations before deployment. But these additions arrive reactively, after the Wired report brought the scale of exposure to light. The pattern mirrors what happened with early web builders in the 2000s: ease of use prioritized, hardening left to users who lack the expertise to know what hardening looks like.
What changes for users is straightforward and uncomfortable. The people who most need tools that remove engineering barriers are often the least equipped to evaluate whether those tools have introduced security barriers. A founder celebrating a weekend launch may not realize their app is broadcasting internal spreadsheets. A patient entering data into a portal assumes someone upstream made it safe to do so. The promise of AI-assisted development told them shipping was the hard part. It turns out shipping without leaking was the hard part, and no one told them to worry about it.
The platforms face a choice now that the exposure is public. They can treat security as a feature to be marketed in response to criticism, or they can bake it into the scaffolding by default. The first path lets them move fast and absorb reputation costs. The second path adds friction that may slow adoption. Users who have already shipped need immediate guidance on what to audit. The developers who trusted these platforms to handle the hard parts need to know that the hard part was not handled. That conversation is uncomfortable for everyone involved. But the alternative—continuing to ship fast and leak data—is not a trade-off anyone explicitly agreed to make.