Viral Call Recording App Neon Pulled After Massive Data Breach

A new app called Neon, which promised to pay people for recording their phone calls and selling that data to artificial intelligence companies, has abruptly gone offline after a serious security breach.

Launched just over a week ago, Neon shot to the top of Apple’s App Store, even surpassing Meta’s Threads at one point. The app offered up to 30 cents per minute for calls made through its platform, positioning itself as a way for users to “profit” from their own conversations. According to analytics firm AppFigures, Neon was downloaded more than 80,000 times in a single day as it climbed the charts.

How Neon Worked

To use Neon, customers verified their phone number and then placed or received calls within the app’s dialer. Earnings were calculated only for calls routed through Neon, and users could make up to $30 per day.

The company said it removed personal identifiers before selling call data to “trusted” AI firms, though it had not yet announced any buyers.

When two Neon users spoke, both sides of the call were recorded, while calls with non-users captured only the Neon customer’s side. Despite this, transcripts and audio files still contained sensitive conversations, raising concerns about legality in states requiring two-party consent.

The app’s rapid rise raised eyebrows, but it wasn’t privacy policies that brought Neon down — it was a glaring technical flaw.

Fig 1. The Neon app interface (Source: Business Insider)

The Security Breach

TechCrunch, during a short test of the app, discovered that Neon’s servers lacked basic protections. Any logged-in user could pull up other users’ phone numbers, call metadata, transcripts, and even audio files if they knew where to look.

Public web links to recordings meant conversations could be downloaded by strangers with minimal effort.

The exposed data went beyond call audio. Metadata included who was called, when the call took place, its duration, and how much money was earned.

This meant Neon’s flaw put both users and the people they contacted at risk. In some cases, recordings appeared to show lengthy, real-world conversations being monetized without the other participant’s knowledge.

Fig 2. Call metadata from a Neon call. (Source: TechCrunch)

What Happens Next

After being alerted to the issue, founder Alex Kiam said the company shut down its servers and will conduct a full security audit. He promised stronger safeguards before relaunching, though no timeline has been given.

Kiam also did not confirm whether the company could track if others had exploited the flaw before it was reported.

Neon’s collapse highlights the dangers of trusting fast-rising apps with sensitive information. App stores have previously allowed apps with serious security lapses, including those that exposed users’ locations and personal documents.

For consumers, the lesson is clear: when a new service offers easy money in exchange for deeply personal data, the real cost may come later.