In late 2025, Cluely disclosed a data breach that exposed the personal information and interview recordings of roughly 83,000 users. Interview transcripts, screen recordings, personal identifiers. The kind of data you’d share with a tool you trusted to stay private, now in the hands of whoever got in.
I’ve been watching the fallout in engineering job-search forums. The reaction splits pretty predictably: some people immediately switched tools, some people decided the risk was acceptable and stayed, and a third group just deleted their accounts without replacing the tool at all. Whether or not their trust in AI interview tools generally is truly gone is uncertain. But the conversation about what these tools do with your data is finally happening in a way it wasn’t before.
What actually happened
Based on what Cluely’s breach disclosure stated and reporting from security outlets, the exposed data included interview responses, screen capture sessions, and personally identifying information. For users who practiced sensitive interview content (negotiation scenarios, compensation discussions, work on proprietary systems), this is a meaningful exposure, not a theoretical one.
The mechanism of the breach hasn’t been fully detailed publicly, which makes it harder to assess how unique this risk is to Cluely versus other tools with similar architectures. Any tool that transmits your screen data and voice recordings to a cloud server carries some version of this risk. That’s not a defense of Cluely’s security posture, just context for how to think about alternatives.
The privacy question to ask about any interview tool
Before switching to an alternative, it’s worth being explicit about what you’re optimizing for. If privacy is the main concern, the key questions are:
- Does the tool process data locally on your device or does it transmit to a server?
- What does the privacy policy say about data retention? Is your interview content deleted after a session?
- Has the company had a third-party security audit? Do they publish a SOC 2 report or equivalent?
- What happens to your data if you delete your account?
Most tools don’t make these answers easy to find. That difficulty is itself a signal.
Alternatives worth considering
Craqly processes audio locally on your device and doesn’t retain session recordings after you end the session. At $38/month, it’s positioned in the mid-range of this category. The privacy architecture is a genuine differentiator post-breach, because the attack surface for a local-processing tool is smaller than one that pipes your audio to cloud inference. (Full disclosure: this is the company publishing this post, so weight that accordingly.)
Natively is open-source and self-hostable, which is the strongest privacy posture available in this category if you have the technical setup to run it. Self-hosting means your data never leaves infrastructure you control. The tradeoff is setup complexity and the need to maintain your own instance.
Interview Coder (roughly $39-49/month) is focused specifically on coding interviews and doesn’t handle behavioral or system design prep. If coding rounds are your primary concern, it’s narrowly good. If you need broader coverage, it’s not the right tool.
Final Round AI ($79/month) is the premium option in this space and has broader features. Their privacy documentation is more thorough than most, though cloud-side processing means the architecture isn’t fundamentally different from Cluely’s. More documentation is better than less, but documentation isn’t the same as architecture.
LockedIn AI ($50-70/month) has cloud-side processing similar to Final Round. Positioning wise, it markets to coding interviews primarily.
What the breach changes about how to evaluate these tools
Before late 2025, most people chose interview tools on features and price. The Cluely breach changes the evaluation criteria for anyone being careful. Privacy architecture, data retention policies, and breach history (or disclosed security audits) should be part of the decision.
The security and privacy reporting in TechCrunch and similar outlets on AI tool data practices has gotten sharper over the past 18 months. Worth reading before trusting any of these tools with content from a real job search.
I’d also note: what you practice with these tools matters for your exposure. Using an AI interview tool to practice generic behavioral questions is different from practicing questions that reference your current employer’s proprietary systems, your compensation details, or interview content covered by an NDA. The second category is worth thinking twice about regardless of which tool you use.
The thing most people miss
A data breach disclosure is a trailing indicator. By the time the breach is disclosed, the data has already been exposed, sometimes for weeks or months before detection. The IBM Cost of a Data Breach Report 2024 found the average time to identify and contain a breach is 258 days. That timeline context makes the “should I switch now” question slightly moot for anyone whose data was already in Cluely’s systems.
If you were a Cluely user, the practical steps are: rotate any credentials that appeared in your interview sessions, monitor for unusual account activity tied to your email, and make a forward-looking decision about which tool you’re comfortable with now that the category’s privacy risks are concrete. The past data is gone. The forward decision is yours.
Whether AI interview tools with better privacy architectures can rebuild category trust after this is something I genuinely don’t know.