MCP leaves much to be desired when it comes to data privacy and security

Staff Editor 2026-02-16
MCP leaves much to be desired when it comes to data privacy and security

MCP leaves much to be desired when it comes to data privacy and security

https://sdtimes.com/ai/mcp-leaves-much-to-be-desired-when-it-comes-to-data-privacy-and-security/

Publish Date: 2026-02-16 16:06:00

Source Domain: sdtimes.com

The Model Context Protocol (MCP) was created to enable AI agents to connect to data and systems, and while there are a number of benefits to having a standard interface for connectivity, there are still issues to work out regarding privacy and security.

Already there have been a number of incidents caused by MCP, such as in April when a malicious MCP server was able to export users’ WhatsApp history; in May, when a prompt-injection attack was carried out against GitHub’s MCP server that allowed data to be pulled from private repos; and in June, when Asana’s MCP server had a bug that allowed organizations to see data belonging to other organizations.

From a data privacy standpoint, one of the major issues is data leakage, while from a security perspective, there are several things that may cause issues, including prompt injections, difficulty in distinguishing between verified and unverified servers, and the fact that MCP servers sit below typical security controls.

Aaron Fulkerson, CEO of confidential AI company OPAQUE, explained that AI systems are inherently leaky, as agents are designed to explore a domain space and solve a particular problem. Even if the agent is properly configured and has role-based access that only allows it access to certain tables, it may be able to accurately predict data it doesn’t have access to.

For example, a salesperson might have a copilot accessing back office systems through an MCP endpoint. The salesperson has it prepare a document for a customer that includes a competitive analysis, and the agent may be able to predict the profit margin on the product the salesperson is selling, even if it doesn’t have access to that information. It can then inject that data into the document that is sent over to the customer, resulting in leakage of proprietary information.

He said that it’s fairly common for agents to accurately hallucinate information that’s proprietary and confidential, and clarified that…

Source

More Stories

Facebook privacy settlement: Second round of payouts to begin from June 9 — Check eligibility and amount

Facebook privacy settlement: Second round of payouts to begin from June 9 — Check eligibility and amount

Staff Editor 2026-06-06
Xiaomi 18 Pro Leak: Massive 4-Inch Rear Display & New Privacy Features

Xiaomi 18 Pro Leak: Massive 4-Inch Rear Display & New Privacy Features

Staff Editor 2026-06-06
Christine Van Geyn: Privacy isn’t a crime, but Bill C-22 acts like it is

Christine Van Geyn: Privacy isn’t a crime, but Bill C-22 acts like it is

Staff Editor 2026-06-06

Terms and Conditions - Privacy Policy