Tabular diffusion models pose membership inference risks, yet effective black-box attacks remain underexplored. Method: We propose MIA-EPT, a black-box membership inference attack leveraging error-prediction features—generated via attribute masking and reconstruction error extraction—trained solely on synthetic samples without accessing model internals. Contribution/Results: This is the first work to introduce error-driven features for membership inference against tabular diffusion models, achieving strong generalizability and practicality. On three state-of-the-art diffusion synthesizers, MIA-EPT attains an AUC-ROC of 0.599 and a TPR@10% FPR of 22.0%. It ranked second in the MIDST 2025 Black-Box Multi-Table Track (TPR@10% FPR = 20.0%), empirically exposing critical privacy vulnerabilities in current synthetic data generation frameworks.

Synthetic data generation plays an important role in enabling data sharing, particularly in sensitive domains like healthcare and finance. Recent advances in diffusion models have made it possible to generate realistic, high-quality tabular data, but they may also memorize training records and leak sensitive information. Membership inference attacks (MIAs) exploit this vulnerability by determining whether a record was used in training. While MIAs have been studied in images and text, their use against tabular diffusion models remains underexplored despite the unique risks of structured attributes and limited record diversity. In this paper, we introduce MIAEPT, Membership Inference Attack via Error Prediction for Tabular Data, a novel black-box attack specifically designed to target tabular diffusion models. MIA-EPT constructs errorbased feature vectors by masking and reconstructing attributes of target records, disclosing membership signals based on how well these attributes are predicted. MIA-EPT operates without access to the internal components of the generative model, relying only on its synthetic data output, and was shown to generalize across multiple state-of-the-art diffusion models. We validate MIA-EPT on three diffusion-based synthesizers, achieving AUC-ROC scores of up to 0.599 and TPR@10% FPR values of 22.0% in our internal tests. Under the MIDST 2025 competition conditions, MIA-EPT achieved second place in the Black-box Multi-Table track (TPR@10% FPR = 20.0%). These results demonstrate that our method can uncover substantial membership leakage in synthetic tabular data, challenging the assumption that synthetic data is inherently privacy-preserving. Our code is publicly available at https://github.com/eyalgerman/MIA-EPT.