OpenAI is informing some customers that they might be impacted by a latest knowledge breach at product analytics and event-tracking options supplier Mixpanel.
Mixpanel disclosed the safety incident on Thursday, saying that it was detected on November 8. The corporate described it as a “smishing marketing campaign” and famous {that a} “restricted variety of clients” are affected.
The corporate didn’t share any technical info on the intrusion, however identified that it secured affected accounts, rotated compromised credentials, revoked lively periods, reset worker passwords, and blocked malicious IPs in response to the incident.
Whereas Maxpanel shared little info on the cyberattack, OpenAI, one of many affected clients, has offered extra particulars relating to influence.
The AI large makes use of Mixpanel for internet analytics, to assist it perceive product utilization and enhance the API product (platform.openai.com).
OpenAI stated there was no unauthorized entry to its personal infrastructure and the info breach didn’t have an effect on ChatGPT chat content material, prompts, responses, or API utilization knowledge. OpenAI passwords, API keys, fee info, account credentials, and authorities IDs weren’t compromised.
“Customers of ChatGPT and different merchandise weren’t impacted,” OpenAI stated.
Nonetheless, the attacker did steal “a dataset containing restricted buyer identifiable info and analytics info”. Commercial. Scroll to proceed studying.
Particularly, the hackers obtained consumer profile info related to ‘platform.openai.com’, together with title, electronic mail handle, approximate location primarily based on the consumer’s browser (comparable to metropolis, state, and nation), working system and browser, group or consumer ID, and referring web site.
OpenAI warned that the compromised info may very well be helpful to menace actors for phishing and social engineering assaults.
“As a part of our safety investigation, we eliminated Mixpanel from our manufacturing companies, reviewed the affected datasets, and are working carefully with Mixpanel and different companions to totally perceive the incident and its scope. We’re within the means of notifying impacted organizations, admins, and customers immediately. Whereas we have now discovered no proof of any impact on methods or knowledge exterior Mixpanel’s setting, we proceed to observe carefully for any indicators of misuse,” OpenAI stated.
Associated: SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability
Associated: WormGPT 4 and KawaiiGPT: New Darkish LLMs Increase Cybercrime Automation
Associated: Microsoft Highlights Safety Dangers Launched by New Agentic AI Function
