The recent incident of the ChatGPT data breach came as a shock to millions of users and other companies worldwide because thousands of its paid subscribers could suffer more because of it. Let’s understand what precisely this ChatGPT Data breach was, how it happened, and what kind of sensitive information was leaked.
Did ChatGPT suffer a data breach?
Yes, globally popular AI and Natural Language processing-based ChatGPT suffered the first significant Data Breach incident on March 20, 2023. This happened during the outage time window because of a software bug located in the Redis-py open-source library. OpenAI published a detailed article about this Data Breach incident covering the causes involved, the type of information leaked, technical details, and actions taken to fix the bug.
Immediately after the breach, OpenAI disrupted ChatGPT services for a few hours to investigate the significant causes. What’s most bothersome to experts worldwide is personal data of millions of users becoming vulnerable to leaks, resulting in the data exposure of plus-ChatGPT subscribers.
This accident emphasizes the paramount need to take additional measures for companies and ChatGPT users to save their personal data. Although, OpenAI released a statement apologizing to the users and ChatGPT community worldwide, ensuring to work dedicatedly and responsibly to regain trust.
What data was breached from Chatgpt
The following data was exposed/breached during the nine-hour outage window from ChatGPT, as explained by OpenAI.
- Some users could view the titles of other active users’ Chat history.
- Some users could view the first messages of newly-created conversations of others at times when both were active.
- Payment-related data, such as the First name, last name, email address, payment address, credit card last four digits, and type of 1.2% of ChatGPT plus-service subscribers become leaked or visible via 1) Subscriptions confirmations mails 2) “Manage my subscription” Section in the user’s ChatGPT accounts.
Does ChatGPT have access to my data?
Yes, ChatGPT can access different data of its users with active accounts, which involves the following-
- ChatGPT employees view and store the Chat conversations to improve the capabilities of its artificial bots in providing accurate answers to users’ queries.
- Account Information, including name, account credentials, and payment card information.
- User Content, including queries inputs, feedback, and uploaded files.
- Personal Information, including Log Data, usage data, and Device Information.
What is the data breach in ChatGPT?
The data Breach in ChatGPT involves exposing the above-described sensitive information due to a technical error in the bug. After identifying the bug, OpenAI contacted the redis maintainers with a solution to fix the issue. They extensively tested the applied measure to prevent any future data breaches.
After the incident, OpenAPI sent alerts to the affected users whose payment-related data was exposed to other ChatGPT users. The company assured us not to repeat the current data break episode in the future by committing to safeguard users’ data and privacy.
