Sen. Hassan Probes AI Toy Maker Over Exposed Kids’ Chats

Sen. Maggie Hassan (D‑N.H.), ranking member of the Joint Economic Committee, has sent a detailed oversight letter to Bondu, an AI‑powered conversational toy company, demanding answers after researchers found tens of thousands of children’s chat transcripts and personal data exposed on a publicly accessible web portal. The incident, first reported last month, involved a feature that lets parents review their kids’ conversations, which Bondu briefly took offline and then relaunched with authentication, raising alarms among child‑safety and privacy advocates about how securely AI toys handle sensitive data from children as young as three. Hassan’s letter, shared exclusively with Axios, asks CEO Fateen Anam Rafid to explain how the breach happened, who can access stored chats, whether staff monitor or mine conversations, what limits exist on employee access, and whether AI tools were involved in building the flawed system and testing its security. She warns that the exposure of young children’s communications could enable identity theft and targeted exploitation and sets a Feb. 23 deadline for Bondu’s response, signaling potential follow‑on legislative or regulatory action. The probe comes amid broader concern in Washington over AI companions and chatbots marketed to kids, with social media already awash in parent complaints and calls from experts for stronger federal privacy rules around AI‑enabled toys.