OpenAI Confirms Security Breaches as Thousands Are Left Vulnerable to Information Leaks
In the age of technological marvels, Artificial Intelligence (AI) chatbot, ChatGPT, created by OpenAI, has been a game-changer. ChatGPT offers personalized restaurant recommendations, table bookings, travel arrangements, and even grocery orders. But beneath the awe-inspiring capabilities lies a startling revelation. A recent bug in the chatbot has exposed users’ payment information, leaving thousands of subscribers vulnerable.
Also Read: Navigating Privacy Concerns: The ChatGPT User Chat Titles Leak Explained
Behind the Glitch That Caused ChatGPT’s Chat History Mishap
You must be wondering who the culprit behind this is. OpenAI, the creator of ChatGPT, detected a bug in the open-source library “redis-py.” This open-source library was used by the AI chatbot. OpenAI took the chatbot offline immediately. They confirmed that the bug allowed some users to view titles from another active user’s chat history. Moreover, it made the first message of newly-created conversations visible in someone else’s chat history if both users were active simultaneously.
Further Investigation Showed ChatGPT Plus Subscriber Information Leak
Upon further investigation, OpenAI discovered another instance of the same bug leaking data from the AI chatbot. It turned out that the bug had unintentionally exposed the payment-related information of 1.2% of ChatGPT Plus subscribers who were active during a specific nine-hour window. The bug exposed affected users’ first and last names, email addresses, payment addresses, the last four digits of their credit card numbers, and credit card expiration dates. However, full credit card numbers remained secure.
Also Read: Is Your Privacy at Risk? How Fog Data Science Trades Location Data
OpenAI’s Response and Reassurances
The bug also caused subscription confirmation emails to be sent to the wrong users during that nine-hour period. This revealed the last four digits of another user’s credit card number. OpenAI has not yet confirmed any instances of misdirected emails before March 20th.
In response to this alarming breach, OpenAI has reached out to notify affected users and reassured them that there is no ongoing risk to their data. The company apologizes for the incident and is committed to safeguarding user data on the AI platform.
ChatGPT’s Chat History Restored with Lessons on AI Security
OpenAI confirmed that the bug had been patched and ChatGPT’s service and chat history feature had been restored—except for a few hours of history. While this incident may serve as a reminder of the potential risks associated with the rapid evolution of artificial intelligence, it also highlights the need for ongoing vigilance and robust security measures to protect user data on such AI platforms.