OpenAI has fallen victim to a hack. Criminals have made off with API user data through analytics provider Mixpanel.
Hackers have stolen data from analytics provider Mixpanel. Mixpanel was the analytics provider for OpenAI and the criminals made off with OpenAI user data. The impact for the general public is somewhat limited, as the stolen data only relates to users of the OpenAI API. Those who only use ChatGPT are therefore not affected.
OpenAI itself shares the impact of the hack. The company worked with Mixpanel for data about the usage of its services. Specifically, this concerns data related to the APIs (platform.openai.com).
Not their own systems
OpenAI emphasizes that its own systems were not breached. No chats, API requests, usage data, passwords, keys, payment details, or identity information were compromised. Through Mixpanel, however, the hackers were able to access data such as the name linked to the API account, the associated email address, the estimated location of a user, the OS used, and the user ID associated with the API account.
read also
‘OpenAI Needs more than 200 Billion Dollars by 2030’
In response, OpenAI has removed Mixpanel from its systems. OpenAI is now working with Mixpanel to further analyze the impact. The company will inform affected users and organizations directly.
At this time, there is no indication of further misuse. The danger of this hack is the same as the danger with similar data breaches: while criminals cannot directly use the stolen data, they have new ammunition to set up targeted and credible phishing campaigns. Especially when this data is correlated with other data from other hacks, where for example the same email address appears, the risk increases. Every data breach allows criminals to automatically build detailed profiles of potential targets.