This work systematically evaluates the efficacy of machine unlearning as a defense against membership inference attacks (MIAs). Addressing the open question of whether unlearning inherently enhances MIA resilience, we empirically benchmark prominent unlearning methods—including Exact Unlearning (EU), SISA, and Approximate Model Unlearning (AMU)—against standard MIAs (e.g., shadow training and loss-based attacks) across four multi-domain benchmark datasets spanning image and tabular modalities. Our results demonstrate that machine unlearning is not, by itself, an effective MIA defense; its privacy-preserving effect is highly contingent on both the specific unlearning algorithm and data characteristics—some approaches even exacerbate model vulnerability to MIAs. Crucially, this study is the first to reveal a non-monotonic relationship between unlearning strategies and MIA robustness. These findings provide critical empirical evidence and actionable algorithm-selection guidelines for designing privacy-enhancing systems targeting MIA resistance.

Membership Inference Attacks (MIAs) pose a significant privacy risk, as they enable adversaries to determine whether a specific data point was included in the training dataset of a model. While Machine Unlearning is primarily designed as a privacy mechanism to efficiently remove private data from a machine learning model without the need for full retraining, its impact on the susceptibility of models to MIA remains an open question. In this study, we systematically assess the vulnerability of models to MIA after applying state-of-art Machine Unlearning algorithms. Our analysis spans four diverse datasets (two from the image domain and two in tabular format), exploring how different unlearning approaches influence the exposure of models to membership inference. The findings highlight that while Machine Unlearning is not inherently a countermeasure against MIA, the unlearning algorithm and data characteristics can significantly affect a model's vulnerability. This work provides essential insights into the interplay between Machine Unlearning and MIAs, offering guidance for the design of privacy-preserving machine learning systems.