OpenAI was forced to take its wildly popular ChatGPT bot offline for emergency maintenance on Tuesday after a user was able to exploit a bug in the system to recall titles from other users’ chat histories. On Friday, the company announced its first results of the incident.
In Tuesday’s incident, users posted screenshots on Reddit indicating that their ChatGPT sidebars featured previous chat histories from other users. Only the conversation title, not the text itself, was visible. OpenAI, in response, took the bot offline for nearly 10 hours to investigate. The results of this investigation revealed a deeper security issue: the chat history bug may also have exposed the personal data of 1.2% of ChatGPT Plus subscribers (an enhanced access plan of $20/month).
“In the hours leading up to ChatGPT going offline on Monday, it was possible for some users to see first and last name, email address, payment address, last four digits (only) of “a credit card number and another active user’s credit card expiration date. Full credit card numbers were not exposed at any time,” the OpenAI team wrote on Friday . The issue has since been fixed for the faulty library that OpenAI has identified as the open source Redis client library, redis-py.
The company downplayed the likelihood of such a breach occurring, arguing that one of the following criteria would have to be met to put a user at risk:
– Open a subscription confirmation email sent on Monday, March 20, between 1 a.m. and 10 a.m. PT. Due to the bug, some subscription confirmation emails generated during this window were sent to the wrong users. These emails contained the last four digits of another user’s credit card number, but the full credit card numbers did not appear. It is possible that a small number of subscription confirmation emails were misdirected prior to March 20, although we have not confirmed any instances of this.
– In ChatGPT, click on “My account”, then “Manage my subscription” between 1 a.m. and 10 a.m. Pacific time, Monday, March 20. During this window, another asset The ChatGPT Plus user’s first and last name, email address, payment address, last four digits (only) of a credit card number, and card expiration date credit may have been visible. It’s possible this also happened before March 20, although we haven’t confirmed any cases.
The company has taken additional steps to prevent this from happening in the future, including adding redundant checks to library calls, “reviewed our logs programmatically to ensure that all messages are only available to the correct user” and “improved logging to identify when this is happening and fully confirm that it has stopped.” The company says it has also reached out to affected users to alert them to the issue.
This news follows a costly public misstep committed by Google rival Bard AI in February when he falsely assured Twitter that the JWST was the first telescope to image an exoplanet, along with revelations that CNET had surreptitiously used generative AI to write financial explainers (a week before dismiss a significant part of its editorial department). Whether OpenAI will suffer the same market-based repercussions as its competitors remains to be seen.
