OpenAI taking claims of data breach ‘seriously’
7 February 2025, 12:04
The ChatGPT maker says it takes claims of a breach ‘seriously’, but says it has not seen any evidence of a compromise of its system ‘to date’.
OpenAI said it is taking reports of a data breach “seriously” but said it has not yet seen any evidence of its systems being compromised.
Reports on Friday said a hacker claimed to have obtained the log-in information for 20 million OpenAI accounts, including passwords and email addresses.
The claims were made on a hacking forum, where the threat actor provided what they alleged was a sample of the data obtained and offered to sell the full batch.
The credibility of the claims has not been verified, but in a statement OpenAI said it was looking into the reports.
“We take these claims seriously,” an OpenAI spokesperson said.
“We have not seen any evidence that this is connected to a compromise of OpenAI systems to date.”
The AI firm is the maker of ChatGPT, the AI chatbot which has exploded in popularity since its original launch in late 2022.
Cybersecurity expert Jamie Akhtar, chief executive and co-founder of CyberSmart, said consumers should exercise additional caution by updating passwords and log-in credentials, and warned that cybercriminals could look to exploit the incident.
“If verified, this breach could have huge ramifications, both for OpenAI and its customers,” he said.
“Millions of people and businesses have embraced the company’s technology into their daily lives, so the potential damage to OpenAI’s reputation for data security could be huge.
“Worse still, compromised accounts could be used to access and abuse sensitive customer data or to exploit OpenAI’s APIs and distribute malware and other cyber nasties.
“There’s also the possibility of cybercriminals using stolen user credentials to produce targeted phishing campaigns, steal identities, or commit financial fraud.
“Although this breach is yet to be verified by OpenAI, anyone using the tool should update their passwords and credentials, as a precaution.
“And, if you haven’t already, switch on multi-factor authentication within OpenAI’s settings, as this should give you another layer of protection even if your password has been compromised.”
