ChatGPT Suffered From a Major Data Breach Exposing its Subscribers
Table of Contents
- By Steven
- Mar 27, 2023
ChatGPT is OpenAi's chatbot designed to simulate conversations with other people. The tool utilizes a massive language model to produce realistic and believable responses for a conversation. OpenAI offers a subscription service known as ChatGPT Plus that offers preferential access to the powerful AI system for subscribers. Some of these subscribers were exposed in the first-ever ChatGPT data breach that occurred in March this year. The data leak was a system error, but it could have put users at risk even if it was not the result of a direct attack from hackers.
How Did the Attack Occur?
On March 20th, the Chat GPT service suffered from an outage for several hours. During that time, many of the ChatGPT Plus subscribers were exposed by a data breach. The breach gave away personal and financial information about the users and could be very harmful to the individuals that were using the service within a 9-hour window around that period of time. During the offline period of the service, other users were able to see personal information about some of the users on the system, and this is how the data was exposed.
What Information Was Viewed or Stolen?
During the ChatGPT outage period, users were able to see the first and last names, email addresses, payment addresses, last four credit card number digits, and credit card expiration dates of some of the users. Approximately 1.2% of all the ChatGPT Plus users were exposed by this glitch. This data breach never exposed the full credit card numbers for the individuals, but it is still a loss of privacy, and it will likely make users second-guess using the program in the future, knowing that the information they input may not all be protected.
How Did OpenAI Admit to the Breach?
OpenAI released a blog post on March 24th, letting its user base know they may have been put at risk. The post details the outage period, explains what information may have been leaked to other users, and it gives details helping users determine if their information may have been involved in the leak or not. The blog is open and honest, and it shows that Open Ai is dedicated to informing its user base.
What Will Become of the Stolen Information?
The information stolen in this ChatGPT breach is likely to be saved in a database, and some attackers will attempt to use it for phishing attacks. If you use ChatGPT, look out for strange emails and never open links from individuals you don't know and trust.
What Should Affected Parties Do in the Aftermath of the Breach?
Since full credit card details weren't released, it's unlikely that your financial accounts can be impacted by the cyber attack. It's still important to monitor your credit card and to watch for any strange activity. Be careful to avoid clicking on strange links, and never email confidential or financial information to anyone. If you follow these safety standards, you should be able to avoid most issues related to this breach.