If you haven’t heard the buzz about Manus yet, it’s the new AI model unveiled by a Singapore-based company called Butterfly Effect. This isn’t just another chatbot. It’s one of the first truly autonomous AI agents, able to do its own research, make decisions and even carry out plans, all with barely any human oversight.
Sounds impressive, right? But here’s the thing: While all this innovation opens up exciting possibilities, it also brings some serious privacy and security questions. Whether you’re eager to try out the latest AI or you’d rather steer clear, it’s worth understanding what Manus could mean for your personal data and digital safety.
STAY PROTECTED & INFORMED! GET SECURITY ALERTS & EXPERT TECH TIPS – SIGN UP FOR KURT’S ‘THE CYBERGUY REPORT’ NOW
First truly autonomous AI agent (Manus) (Kurt “CyberGuy” Knutsson)
Your data could be used to train AI, even if you go nowhere near it
This has already been happening for a while with other AI models. There have been several class-action lawsuits against tech companies for scraping personal data for use in AI training, with one lawsuit claiming that OpenAI uses “stolen private information, including personally identifiable information, from hundreds of millions of internet users, including children of all ages, without their informed knowledge or consent.”
Many companies also sell or share data with third parties, including for the purposes of AI training. For example, X has been using personal data to train its AI, Grok, and is also sharing user data with third parties to train AI models. So whether you use AI (including Manus AI when it’s released to the public) or not, there’s still a good chance that they have your personal information.
First truly autonomous AI agent (Manus) (Kurt “CyberGuy” Knutsson)
GOOGLE’S NEW AI TECH MAY KNOW WHEN YOUR HOUSE WILL BURN DOWN
Why should you care if AI has your data?
It boils down to data privacy and security. When AI companies collect personal information – things like your name, email address, home location, social media posts and even photos – they often store it in large databases to train their models. If those databases aren’t properly secured, they can become gold mines for hackers. Think of them as digital “honey pots”: sweet and tempting to cybercriminals because of all the personal data inside.
This isn’t just a theoretical risk. Just this year, another AI company, DeepSeek, experienced a major leak that exposed more than a million sensitive records. When this kind of information gets out, it can end up on the dark web where scammers and identity thieves are more than happy to scoop it up. That’s how people end up dealing with everything from identity theft and impersonation to tons of spam calls, phishing emails and targeted scams.
But data leaks aren’t the only danger. Even when the information is secure, it can be misused or manipulated in ways that are hard to detect. One of the biggest new threats is something called a prompt injection attack.
In simple terms, prompt injection is a way for attackers to trick an AI into doing something it wasn’t supposed to. Researchers recently found that attackers can embed hidden commands in seemingly harmless text, like a website bio, email signature or even a social media post. When the AI reads that text during training or browsing, it can accidentally follow the hidden instructions, which might tell it to leak information, change how it behaves or give unauthorized access to private data.
First truly autonomous AI agent (Manus) (Kurt “CyberGuy” Knutsson)
DANGERS OF OVER-SHARING WITH AI TOOLS
Manus AI poses even bigger risks
Unlike most AI tools that respond to commands you give them directly, Manus is autonomous, meaning it can act on its own, follow links, read content and make decisions without human approval. While that sounds pretty cool, it’s also what makes it a lot harder to spot when something goes wrong.
If Manus encounters malicious content, it could unknowingly follow a hidden prompt, compromise your data or alter its behavior, and there may be no obvious sign that anything has happened until it’s too late. There are also some concerns about where Manus sends and stores data. Security researchers have traced data back to servers in Shenzhen, China, raising red flags about surveillance, jurisdiction and who might ultimately have access to your information.
So even if Manus isn’t scraping anything too sensitive today, the combination of weak oversight, powerful automation and questionable data practices makes it far riskier than your average AI assistant.
We reached out to Manus AI for a comment on this article but did not hear back before our deadline.
First truly autonomous AI agent (Manus) (Kurt “CyberGuy” Knutsson)
GENAI, THE FUTURE OF FRAUD AND WHY YOU MAY BE AN EASY TARGET
So, how can you protect yourself?
As I’ve mentioned, whether you use Manus AI or not, your personal information will still likely end up in its datasets, so the best way to protect yourself is to make your information difficult to find. Here are some things you can do.
1) Be cautious about using Manus: With that level of autonomy, especially since it’s a very new AI (not to mention the inconsistency in its privacy policy regarding governance), I wouldn’t recommend using it quite yet. There’s just too much damage it can do if it malfunctions or is subject to a prompt injection attack.
2) Keep your personal information under wraps: With so many companies selling and trading personal information, many of them to tech companies to train AI, it’s a good idea to withhold your data unless you absolutely can’t avoid sharing it.
3) Actively remove your personal information from the internet so your data can’t be scraped by AI models like Manus: Set your social media to private, limit data collection through privacy settings and remove your information from data brokers and people-search sites. Autonomous cloud-based agents such as Manus are designed to extract and analyze vast amounts of online data, and your publicly available information can be swept into their training datasets without your knowledge or consent.
While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here.
4) Use strong antivirus software to help defend against the broader attack surface created by autonomous AI systems: Manus’ ability to act independently and interact with external systems increases the risk of adversarial attacks and malware transmission, so robust endpoint security is essential to protect your devices and data.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.
5) Use privacy-focused products and services: Whenever you cannot avoid sharing personal information, opt for companies that prioritize your privacy. For example, use the DuckDuckGo browser instead of Chrome and Brave or Proton Mail instead of Gmail. Check out the best private and safe browser alternatives to Google.
6) Keep all software updated, including your operating system, browsers and security tools, to patch vulnerabilities that attackers might exploit: As AI agents like Manus operate in the cloud and may interact with your systems, unpatched software can become an easy target for exploitation or unauthorized access. Therefore, it’s always a good idea to keep software, operating systems, browsers and security tools updated at all times.
7) Enable multifactor authentication (MFA) on all your accounts: As AI-driven attacks and automated data extraction become more common, MFA adds a crucial layer of defense, making it much harder for attackers to compromise your accounts, even if an AI system leaks or scrapes your credentials.
8) Use strong, unique passwords for every account: As cloud-based AI agents like Manus can interact with external systems and potentially access sensitive data, unique passwords help prevent a breach of one account from leading to a broader compromise. Consider using a password manager to generate and store complex passwords. Get more details about my best expert-reviewed password managers of 2025 here.
Kurt’s key takeaways
As we move forward with AI like Manus, it’s exciting to think about the possibilities, but it’s also important to keep our eyes open about what it means for our personal data. Even if you never use Manus yourself, your info could still end up in its training data.
So what can you do? Stay informed, take charge of your digital footprint and choose tools that prioritize your privacy. As AI keeps evolving, being proactive about your data is the best way to enjoy the benefits of innovation while keeping your personal info safe.
Do you think companies behind powerful AI agents like Manus should be required to follow stricter privacy rules and independent oversight before they’re allowed to collect and use people’s data? Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.
Ask Kurt a question or let us know what stories you’d like us to cover.
Follow Kurt on his social channels:
Answers to the most-asked CyberGuy questions:
New from Kurt:
Copyright 2025 CyberGuy.com. All rights reserved.
