Recently, Reddit users shared screenshots showing ChatGPT sidebars displaying other users’ previous chat histories. OpenAI shut down the chatbot for about 10 hours to investigate after it was revealed that conversation titles could be seen by other users.
Personal data leak confirmed
After investigating, OpenAI shared initial findings, revealing the problem to be much bigger. In addition to the chat history issue, it was determined that personal data of 1.2% of ChatGPT Plus subscribers may have been exposed.
According to the AI company’s statement, some users were able to access others’ full names, email addresses, payment addresses, last four digits of credit card numbers, and expiration dates. OpenAI updated the Redis client, which they referred to as an open-source library, to fix the issue.
OpenAI’s statement discussed two different situations for the personal data leak. In both cases, users could access others’ information in two different ways:
Between 1:00 and 10:00 Pacific Time on March 20, due to an error, subscription confirmation emails were sent to the wrong users. These emails contained the last four digits of another user’s credit card number but not the full number. A small number of confirmation emails may have been misaddressed before March 20, but no instances have been confirmed.
In ChatGPT, between 1:00 and 10:00 Pacific Time on March 20, by clicking on “My Account” and then “Manage My Subscription,” a window could display another active ChatGPT Plus user’s full name, email address, payment address, last four digits of a credit card number, and expiration date. Although no instances of this have been confirmed, it may have occurred before March 20.
The company stated that additional measures have been taken to prevent such incidents in the future and affected users have been notified. OpenAI will now regularly review logs to ensure all messages are accessible only by the correct users and will implement improved log recording.
The recent popularity of ChatGPT has made users uneasy about such issues. OpenAI argues the situation is not severe. What are your thoughts on this matter? Share your opinions in the comments section.
{{user}} {{datetime}}
{{text}}