AllHere's Ed chatbot for LAUSD exposed student PII to offshore servers before its collapse
AllHere built an AI chatbot called Ed for the Los Angeles Unified School District under a $6 million contract, but a whistleblower revealed that the system appended students' personally identifiable information to every prompt regardless of relevance and routed requests to offshore servers in violation of district data privacy rules. The chatbot was unplugged on June 14, 2024, and AllHere filed for Chapter 7 bankruptcy in July 2024 after furloughing most of its staff. Federal prosecutors later subpoenaed bankruptcy documents and the CEO was charged with defrauding investors in November 2024.
The product worked by cheating: it stuffed students' personally identifiable information into every prompt and shipped it to offshore servers where third parties logged it.
Key facts
- What: AllHere built an AI chatbot called Ed for the Los Angeles Unified School District under a $6 million contract, but a whistleblower revealed that the system appended students' personally identifiable information to every prompt regardless of relevance and routed requests to offshore servers in violation of district data privacy rules.
- Incident date: Jul 1, 2024
- Who: AllHere
- Failure mode: Data Leakage
- AI surface: Chatbot
- Severity: High
What happened
AllHere was hired by LAUSD under a $6 million contract to build Ed, an AI chatbot intended to serve as a personal assistant for students and parents across the district. Former senior director of software engineering Chris Whiteley alleged that the chatbot included students' personally identifiable information in every prompt regardless of relevance, shared prompts containing student data with unnecessary third-party companies, and processed data on offshore servers in violation of district privacy rules. The district unplugged the chatbot on June 14, 2024, and AllHere furloughed most of its employees the same day. The company filed for Chapter 7 bankruptcy in July 2024, and federal prosecutors later subpoenaed its bankruptcy records before charging CEO Joanna Smith-Griffin with investor fraud in November 2024.
What broke inside the model
- 01 · Trigger: A request triggers retrieval or context loading.
- 02 · Model step: The context pulls in another user's content.
- 03 · Control gap: No boundary enforces isolation at the moment of output.
- 04 · Failure: Private data crosses into the response.
- 05 · Consequence: One user sees another's data, and disclosure follows.
One user's content crosses the retrieval boundary into another's response.
The Ed chatbot's architecture appended students' personally identifiable information to every chatbot prompt, even when the data were irrelevant to the query, and then forwarded those prompts to third-party large language model providers on offshore servers in Japan, Sweden, the UK, France, Switzerland, Australia, and Canada. Those third parties logged the student data, violating both the district's data use agreement and basic data minimization principles. The system had no guardrails to strip unnecessary PII before prompts left the district's control.
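The missing control described above, sketched as an added example (not AllHere's or LAUSD's code): a pre-egress gate that sends only the fields a query's intent needs and refuses providers outside permitted regions. The field names, intent labels, provider records and the single-region allowlist are all assumptions for illustration.

```python
import json

# Hypothetical intent -> fields map; unknown intents get no student data.
ALLOWED_FIELDS = {
    "attendance": {"grade_level", "attendance_rate"},
    "lunch_menu": {"school_name"},
    "general": set(),
}
# Assumption: the data use agreement permits processing only in these regions.
ALLOWED_REGIONS = {"us"}

class EgressDenied(Exception):
    """Raised when a provider endpoint is outside the permitted regions."""

def minimise(record, intent):
    """Keep only the fields the intent is allowed to see (default: none)."""
    allowed = ALLOWED_FIELDS.get(intent, set())
    return {k: v for k, v in record.items() if k in allowed}

def build_outbound(record, intent, question, provider):
    """Build the payload for a third-party model, or raise before any data leaves."""
    region = provider.get("region")
    if region not in ALLOWED_REGIONS:
        raise EgressDenied(f"{provider.get('name')}: region {region!r} not permitted")
    context = minimise(record, intent)
    withheld = sorted(set(record) - set(context))
    # Redact withheld values that the user typed into the question itself.
    for field in withheld:
        value = str(record[field])
        if len(value) >= 4:  # skip very short values to avoid over-matching
            question = question.replace(value, f"[{field}]")
    prompt = f"Context: {json.dumps(context, sort_keys=True)}\nQuestion: {question}"
    return {"prompt": prompt, "sent_fields": sorted(context),
            "withheld_fields": withheld}

# Constructed sample record; not real student data.
SAMPLE_RECORD = {
    "student_id": "S-000123", "name": "Jordan Example",
    "home_address": "1 Example St", "school_name": "Example Middle School",
    "grade_level": 7, "attendance_rate": 0.94,
}

if __name__ == "__main__":
    out = build_outbound(SAMPLE_RECORD, "attendance", "How is my attendance?",
                         {"name": "provider-a", "region": "us"})
    print(out["prompt"])
    print("withheld:", out["withheld_fields"])
```

Logging `withheld_fields` per request gives an auditable record of what was kept inside the boundary.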
What it cost
Sources
- Press: "L.A. Schools Probe Charges its Hyped, Now-Defunct AI Chatbot Misused Student Data" (the74million.org)
- Press: "An Education Chatbot Company Collapsed. Where Did the Student Data Go?" (edsurge.com)
- Court Filing: "CEO Of Artificial Intelligence Startup Company Charged With Defrauding Investors" (justice.gov)
Cite this entry
https://failureindex.ai/failures/allhere-ed-chatbot-lausd-exposed-student
AI Failure Index. "AllHere's Ed chatbot for LAUSD exposed student PII to offshore servers before its collapse" (FI-0155). Realm Labs. https://failureindex.ai/failures/allhere-ed-chatbot-lausd-exposed-student (indexed Jun 4, 2026).
Data fields CC-BY 4.0, prose citation permitted. Incident ID FI-0155. Full dataset at /data.
Note from Realm Labs, the Index steward
How Realm would have caught this
- Prism
- OmniGuard
- AI Detection & Response (AIDR)
Realm can detect when a response is about to emit data that falls outside the bounds of the current user and context, and block or redact it inline, at the moment of generation rather than after the data has left.