A Democratic senator is pressing the AI toy company bondu over a serious data privacy breach that exposed tens of thousands of children's private conversations. Senator Maggie Hassan sent a letter demanding explanations about how this exposure happened and the company's safety measures. Researchers recently revealed that bondu's chat transcripts and personal data were accessible via a public portal. After the company took down the flawed portal, it quickly relaunched it with added authentication measures. Hassan's inquiry highlights increasing scrutiny of AI-enabled toys, particularly regarding data collection and cybersecurity risks. In her letter, she asked bondu CEO Fateen Anam Rafid about who has access to the data, what monitoring occurs, and whether the company limits employee access to user information. She raised alarm over the potential for identity theft and the exploitation of private chat transcripts, particularly since the toy targets children aged three to nine. In response, bondu claims to use industry-standard safeguards like encryption and limited access to personal data. The company assures parents they can manage or delete their child's chats easily. Hassan also inquired if AI tools contributed to the security flaws and what measures bondu has taken to address those vulnerabilities. She has set a deadline of February 23 for the company to respond.