A recent data breach at Mixpanel Inc. has compromised account information for some OpenAI Group PBC users, as disclosed by OpenAI on Wednesday. The breach, which occurred after hackers exploited SMS phishing to infiltrate Mixpanel’s systems, affected OpenAI’s data collection for API interactions. Mixpanel promptly informed OpenAI, which received a dataset detailing the compromised information. Affected users’ names, email addresses, and locations were accessed, though no payment details or API prompts were compromised. OpenAI advised users against password resets but warned of potential phishing threats utilizing the stolen data. In response to the incident, OpenAI has eliminated Mixpanel from its systems and will enforce stricter cybersecurity measures for suppliers. The breach highlights vulnerabilities in analytics tools and the importance of observability across APIs and integrations. Mixpanel, serving over 29,000 customers, has secured affected accounts and implemented measures to prevent further threats.
Source link
