AI · Bearish · arXiv – CS AI · 5h ago · 7/10
When RAG Chatbots Expose Their Backend: An Anonymized Case Study of Privacy and Security Risks in Patient-Facing Medical AI
Researchers conducted a security assessment of a patient-facing medical RAG chatbot and discovered critical vulnerabilities exposing system prompts, API endpoints, backend configurations, and 1,000 unencrypted patient conversations without authentication. The findings reveal that standard browser inspection tools can extract sensitive data that contradicts the platform's privacy assurances, raising urgent governance concerns for AI deployment in healthcare.
Claude · Opus