OpenAI's analytics partner was hacked, but there appears to be no harm to regular chatbot users.
Business Insider reported on the 27th that OpenAI said a security breach at the web analytics platform Mixpanel may have exposed user information from its developer platform. Potentially exposed information includes some API users' IDs and names, emails, approximate locations, and the operating systems (OS) and browsers they primarily used. An API is a tool that allows external developers to use a company's software or services.
OpenAI warned that the leaked information could be exploited for phishing targeting developers and urged caution about messages impersonating the company. However, OpenAI emphasized, "This is not a breach of OpenAI systems," and "there is no impact on ChatGPT users (who are not using API products)."
Jake Moore, global cybersecurity advisor at security firm ESET, said, "The leaked data is low sensitivity," but noted, "When combined, the information could be used to craft persuasive scam messages."
Mixpanel has collected and analyzed usage patterns of OpenAI's API product users. Following the security incident, OpenAI has suspended its use of Mixpanel's services. In a separately released statement, Mixpanel explained that the security incident was smishing, which uses text messages to steal information.