Personal Data Breach in Cursor Dashboard Analytics Page

gf-1 · March 4, 2026, 2:06pm

Where does the bug appear (feature/product)?

Somewhere else…

Describe the Bug

I have spotted a GDPR breach in the Cursor Dashboard Analytics page.

I have a personal Cursor account. I have a separate work Cursor account. They are separate accounts and use different email addresses.

Both accounts are linked to my GitHub account.

I have just noticed that in my work Cursor account Dashboard I can see the usage of my personal account. It also shows my personal email address. This is information that I have NOT disclosed to my employer and it is a breach of GDPR law.

In addition, the BugBot feature is mixing data between organisations. This is almost certainly also a GDPR breach and a personal data breach.

In my personal repositories when I attempt to use BugBot I get a message:
This can only be happening if the BugBot tool is incorrectly pointing my personal repo in GitHub at my work Cursor account.

These may be separate or related bugs, but thy are both serious breaches of UK and EU data law and need to be addressed urgently.

Steps to Reproduce

Described above

Expected Behavior

Data from a Cursor account is never displayed in the dashboard for a different Cursor account

Operating System

MacOS

Version Information

Current Dashboard version

Does this stop you from using Cursor

No - Cursor works, but with this issue

deanrie · March 4, 2026, 2:54pm

Hey, thanks for the report.

When two separate Cursor accounts (personal and team) are linked to the same GitHub account, the dashboard and BugBot shouldn’t mix data between them. We’ve passed this to our security team for review.

A couple of questions that’ll help us look into it faster:

Can you share a screenshot of the analytics page in the dashboard where the personal account data shows up?
What exact message does BugBot show in your personal repositories?

gf-1 · March 4, 2026, 3:14pm

Sure thing:

The message is: “Skipping Bugbot: You are not a member of the team that installed Bugbot. Visit the Bugbot dashboard to update your settings.”

deanrie · March 4, 2026, 3:30pm

Thanks for the screenshots, the issue is really clear.

Your personal account (row 4 in the leaderboard table) is showing up in your team’s analytics, and BugBot is linking your personal repositories to the team installation. Both point to the same root cause: a shared GitHub account connection.

I’ve passed this to the team.

In the meantime, is your personal Cursor account also on a paid plan, or is it on the free tier? That’ll help us narrow down what might be happening on our side.

gf-1 · March 4, 2026, 3:31pm

Yes I’m on the Pro Plan.

Topic		Replies	Views
Security Incident : Cloud Agents created at the wrong place Bug Reports	4	126	December 10, 2025
Empty dashboard graph 2.0 Bug Reports	6	74	March 2, 2026
Chat responses leaking other user's content? Bug Reports	2	104	December 5, 2025
BUG: No Analytics since last year Bug Reports teams-enterprise	1	14	March 5, 2026
"Connect github to background agent" seems to connect to specific personal 3rd party github organization automatically Bug Reports	5	190	August 9, 2025