Researchers uncover how stored user interactions in LLM agent memory can be extracted through strategic prompting, creating significant privacy risks.

• Developed MEXTRA (Memory EXTRaction Attack) that works in black-box settings
• Demonstrated vulnerability across various memory architectures and popular LLMs
• Found that even small memory footprints can leak private user information
• Highlighted urgent need for robust memory protection mechanisms

This research is crucial for security professionals as AI assistants become more prevalent in handling sensitive information, revealing gaps in current protection strategies that need addressing before widespread deployment.

Unveiling Privacy Risks in LLM Agent Memory