OpenAI Reports Data Breach Affecting ChatGPT Users
OpenAI has confirmed a data breach originating from Mixpanel, a third-party analytics provider, potentially exposing user information including names, email addresses, and account locations.
Key Details of the Breach
The security incident occurred at Mixpanel, a service OpenAI used to track activity on its API dashboard. Importantly, this breach did not affect the main ChatGPT product interface.
While many users received security alerts, OpenAI clarifies that most ChatGPT users are not impacted. The company has since removed Mixpanel from its production services and launched an investigation.
What Information Was Exposed?
- User names and email addresses linked to OpenAI API accounts
- Geographic locations of account holders
- Technical details including operating systems and browsers used
- Referring websites and associated organization/user IDs
What Information Remains Secure?
OpenAI has confirmed that several critical data types were not compromised:
- Chat logs and conversation history
- Passwords and API keys
- Payment information and billing details
- Government identification documents
OpenAI’s Response
The company is directly notifying all affected organizations, administrators, and users. This incident highlights the importance of in third-party vendor relationships for major tech platforms.
