Excerpt from TechCrunch Article, Published on September 25, 2025
Neon, a viral call recording app that quickly climbed to the top of Apple’s US App Store social networking charts, has gone offline after a severe security breach exposed sensitive user data. The app paid users for sharing phone call audio to train AI models, attracting thousands of downloads shortly after launch. However, a critical flaw in Neon’s backend servers allowed any logged-in user to access other users’ phone numbers, call recordings, and transcripts. This vulnerability essentially gave authenticated users a master key to everyone’s private call data.
TechCrunch discovered the flaw during a brief test on September 25, 2025, and alerted Neon’s founder, Alex Kiam, who promptly took the app offline. Kiam notified users about a temporary suspension, citing extra security measures during rapid growth, but did not disclose the data breach initially. The exposed data included not only phone numbers and call metadata like duration and earnings but also direct links to raw audio files and full transcripts.
The breach raised serious privacy concerns, particularly as some users may have been making long calls to covertly record conversations with unsuspecting parties to maximize earnings. Questions about Neon’s compliance with Apple and Google’s developer guidelines have also surfaced. As of now, it remains unclear when or if Neon will return online. This incident highlights the risks of monetizing sensitive voice data without robust security safeguards.
To delve deeper into this topic, see the TechCrunch source.
