This was not the only ChatGPT security issue that came to light last week. The blog post describes the technical details of the issue and the action taken by the company in response. We are confident that there is no ongoing risk to users’ data,” OpenAI said in a blog post. “We have reached out to notify affected users that their payment information may have been exposed. OpenAI has confirmed that the information was exposed during a nine-hour window on March 20, but admitted that information may have been leaked prior to March 20 as well. This information may have been included in subscription confirmation emails sent on March 20 and it may have also been displayed in the subscription management page in ChatGPT accounts on the same day. The bug also exposed payment-related information belonging to 1.2% of ChatGPT Plus subscribers, including first and last name, email address, payment address, payment card expiration date, and the last four digits of the customer’s card number. The bug introduced by OpenAI resulted in ChatGPT users being shown chat data belonging to others.Īccording to OpenAI’s investigation, the titles of active users’ chat history and the first message of a newly created conversation were exposed in the data breach. The Redis-py library serves as a Python interface. The chatbot’s developers use Redis to cache user information in their server, to avoid having to check the database for every request. The issue was related to ChatGPT’s use of Redis-py, an open source Redis client library, and it was introduced by a change made by OpenAI on March 20. OpenAI said on Friday that it had taken the chatbot offline earlier in the week while it worked with the maintainers of the Redis data platform to patch a flaw that resulted in the exposure of user information. ChatGPT creator OpenAI has confirmed a data breach caused by a bug in an open source library, just as a cybersecurity firm noticed that a recently introduced component is affected by an actively exploited vulnerability.
0 Comments
Leave a Reply. |