OpenAI has confirmed a security breach affecting ChatGPT users’ personal data following unauthorized access to third-party analytics provider Mixpanel on November 9. The compromised information includes user names, email addresses, location data, and browser details. Importantly, OpenAI clarified that this incident did not involve a breach of its systems; thus, no chat logs, API requests, passwords, or payment details were jeopardized. Only those with API access were affected. OpenAI is conducting a thorough security investigation and has removed Mixpanel from its services. While there’s no evidence of misuse of the stolen data, the company advises users to be vigilant against potential phishing and social engineering attacks. This marks the second security incident affecting ChatGPT users, prompting OpenAI to initiate expanded security reviews and enhance partner security requirements to ensure user privacy and data protection remain a top priority.
Source link
