A scraper sends a POST to /reset?email=alex@example.com on your app and reads the response. The response time is slightly longer when the email exists than when it does not. The scraper sends another, then another, then thirty thousand more, then a million. Two hours later, it has every customer email in your database. A phishing campaign goes out the next morning. The first message reads: "Hi from your app's support team, we noticed unusual activity on your account." Three of your most active customers click. This is privilege escalation in practice. It does not look like the movies. It looks like a quiet API endpoint that AI tools build without timing-safe comparisons or generic responses.
What this looks like in a real app
Password-reset enumeration is one example. The same family of bugs covers every authorization check your AI tool forgot to add: row-level filtering on database reads, ownership checks on writes, default-deny on new endpoints. AI tools build features. They do not build refusals. When you describe what your user can do, you describe what the AI builds. You almost never describe what the user must NOT do, so the lock on the door is not built. Now multiply that across every feature your app has shipped.
The numbers: 322%, 40%, and 153%
2026 industry research compared AI-generated code to human-written code across categories of security issues. Three findings stood out. Privilege escalation paths increased by 322%, secret exposure went up 40%, and structural design flaws were 153% more common. Common issues include 41% of AI-generated backend code shipping with overly broad permission settings. Source: https://www.softwareseni.com/ai-generated-code-security-risks-why-vulnerabilities-increase-2-74x-and-how-to-prevent-them/ and https://labs.cloudsecurityalliance.org/research/csa-research-note-ai-generated-code-vulnerability-surge-2026/
- Privilege escalation paths: +322%
- Structural design flaws: +153%
- Secrets exposure: +40%
- 41% of AI-generated backend code ships with too-broad permissions
Privilege escalation is the technical name for a real business risk: one of your users seeing another user's invoices, messages, photos, or anything else they paid you to keep private.
What the law says when this happens
Every customer email in your database is personal data. When a scraper exfiltrates it, that is a personal-data breach under GDPR. Under Article 83, the maximum fine is 20 million euros or 4% of global annual revenue, whichever is higher. Under Turkey's KVKK (Law 6698), fines reach into the millions of Turkish lira and the data controller is named in the public decision. The 72-hour breach-notification clock under GDPR Article 33 starts the moment you become aware. CCPA in California adds per-record statutory damages that scale with how many customers you have. This is general information, not legal advice. Talk to a lawyer for your situation.
If your competitor's phishing campaign uses customer emails that came from your database, you are still the regulator's first call. They started where the leak was, not where the harm landed.
Why this is the worst kind of bug for a founder
A crashing app is embarrassing. A slow app is annoying. A leaked invoice is unforgivable. The reason AI tools miss authorization checks is simple: when you describe what you want to build, you describe what the user can do. You almost never describe what the user must NOT do. The AI does not refuse to ship code without those checks. It ships exactly what you asked for, which is everything except the lock on the door.
How we close the gap quickly
There are about six patterns to add, and they cover most cases. We add them in the right places in your code, write tests so they cannot regress, and coach you on the prompts to use when you build the next feature. The whole thing usually fits in our 1 to 4 week rescue sprint.
- Row-level authorization: every database read filtered by current user
- Action-level checks: this user can read, but can they edit?
- Default-deny on new endpoints: forbidden until you allow
- Tests that try to access another user's data and confirm the request fails
- Secrets out of code: environment variables only, with rotation plan
- A prompt template you reuse so the AI adds these checks by default
We have done this for production apps
Kendin Bak (https://kendinbak.ibgroup.dev) and Seyir Yardımcısı (https://navigasyon.ibgroup.dev) are production mobile apps that handle real users and real data. Lean Cart (https://leancart.global) is a multi-tenant e-commerce platform where authorization is the entire product: one customer must never see another customer's store. We carry that same discipline into client work. Featured by Strapi for our open-source contributions at https://strapi.io/integrations/strapi-http-toolkit.
Lock the doors before the customers arrive
Of all the security work you will ever do, fixing authorization gives the largest return per hour. Most apps need a focused week to close them. We do this work on a fixed price through Upwork, with only 10% upfront. If you are about to launch, this is the one thing not to skip.
Get a free written code review focused on authorization issues. We will tell you exactly which user actions are unprotected today.