OpenAI has confirmed a security incident linked to Mixpanel, a third-party web analytics provider, affecting its API product. The breach, occurring on Mixpanel’s systems, allowed an attacker to export limited identifiable information from some OpenAI API users, including names, email addresses, and basic analytics data. Importantly, OpenAI’s core systems, including ChatGPT and associated credentials, remained uncompromised.
Upon discovering the breach, Mixpanel promptly notified OpenAI, who then terminated its services with the provider. OpenAI is actively reaching out to impacted users and conducting extensive security reviews to enhance its vendor security protocols.
Affected users are advised to stay vigilant against phishing threats, verify domains of communications, and enable Multi-Factor Authentication (MFA), though OpenAI is not recommending password resets due to the breach’s nature. For additional support, users can contact OpenAI’s support team.
Source link
