OpenAI has confirmed that ChatGPT had recently suffered a data breach. The breach was due to a vulnerability in an open-source library Redis-py, which is used by the chatbot’s developer to cache user information on their server. The vulnerability allowed some users to see titles and the first message from another active user’s chat history. It also exposed payment-related information belonging to 1.2% of ChatGPT Plus subscribers. Some of that information included first and last name, email address, payment address, payment card expiration date and the last four digits of the customer’s card number. OpenAI has since reached out to affected users notifying them that their payment information may have been exposed.
https://openai.com/blog/march-20-chatgpt-outage
This segment was created for the It’s 5:05 podcast