- AI Platforms & Assistants
- OpenAI
Data analytics firm involved with OpenAI's developer platform was compromised
Comments (0) ()When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.
(Image credit: Shutterstock / Mehaniq)
- OpenAI has apologized for a data breach that compromised one of its partners
- Mixpanel, a data analytics outfit that OpenAI used, had its systems breached
- The leaked details pertain to software developers using OpenAI's developer platform, and not everyday users of ChatGPT
OpenAI has issued an apology for a data breach suffered by one of its partners that has caused some emails, user locations and telemetry data to be leaked.
Mixpanel is the third-party in question, a data analytics outfit that OpenAI used with its platform.openai.com portal. This is OpenAI's developer platform (used by software developers to integrate AI functionality into their products) for which Mixpanel facilitated web analytics.
- Amazon Black Friday deals are live: here are our picks!
It's important to note that this is not a breach related to ChatGPT, but to said analytics company which is entirely separate from OpenAI. The details leaked only relate to software developers, not everyday users of ChatGPT, as OpenAI makes clear in its full statement on the matter (spotted by Windows Central).
You may like-
Researchers claim ChatGPT has a whole host of worrying security flaws - here's what they found
-
ChatGPT outage live - widespread issues appear to be resolved
-
ChatGPT hit by a zero-click, server-side vulnerability that criminals can use to siphon sensitive data - here's how to stay safe
That statement covers a number of concerns, which, as you might imagine, start with people seeing headlines about a 'ChatGPT data breach' and panicking that their user details might have been leaked, or maybe even their private conversations with ChatGPT.
OpenAI tells us: "Users of ChatGPT and other products were not impacted.
"This was not a breach of OpenAI's systems. No chat, API requests, API usage data, passwords, credentials, API keys, payment details, or government IDs were compromised or exposed."
What was exposed then?
OpenAI informs us that the breach of Mixpanel's systems "involved limited analytics data related to some users of the API", so only some developers on that platform have been hit.
Get daily insight, inspiration and deals in your inboxContact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.OpenAI is in the process of contacting those affected, and the details leaked are certain pieces of user profile information, which includes the following:
- Name that was provided on the API account
- Email address associated with the API account
- Approximate coarse location based on API user browser (city, state, country)
- Operating system and browser used to access the API account
- Referring websites
- Organization or User IDs associated with the API account
OpenAI again clarifies that "OpenAI passwords, API keys, payment information, government IDs, and account access credentials were not impacted" for any developers.
Is there a danger of unforeseen repercussions or more revelations to come?
OpenAI assures us: "While we have found no evidence of any effect on systems or data outside Mixpanel's environment, we continue to monitor closely for any signs of misuse."
You may like-
Researchers claim ChatGPT has a whole host of worrying security flaws - here's what they found
-
ChatGPT outage live - widespread issues appear to be resolved
-
ChatGPT hit by a zero-click, server-side vulnerability that criminals can use to siphon sensitive data - here's how to stay safe
This doesn't fully rule out that there might be further problems that OpenAI's ongoing investigation could turn up, but it very much seems that any issues are going to lie with software developers here.
What is OpenAI doing about this?
OpenAI is obviously taking this incident seriously and Mixpanel's services have been terminated. OpenAI also says that it's conducting "expanded security reviews across our vendor ecosystem" in light of the incident and "elevating security requirements" for all its partners. Which suggests that OpenAI acknowledges its failure in judgement in terms of employing this particular partner.
Because there's bound to be some concern over how this reflects on OpenAI more broadly – even though the breach wasn't its fault – it seems a sensible move for OpenAI to go back and vet the other firms that it works with, bearing this recent breach firmly in mind.
Nothing to worry about – but nonetheless, here's a security reminder
Hopefully what's been reported by OpenAI here will be the full extent of the breach after the investigation into the incident has been fully signed off. For those affected, that won't be much of a comfort, but as noted, that should only be software developers who use OpenAI's API platform.
Due to the limited nature of the breach, OpenAI is not recommending that even developers should reset their passwords.
However, in its mini-FAQ at the end of the statement, OpenAI advises that all users should enable multi-factor authentication (MFA) on their accounts if they haven't already, even though developer account details weren't involved in the breach. This is simply because MFA really should be used with any online account you have, where available, as best security practice.
Adding another authentication step on top of entering your password – such as receiving a code by text to your phone – means that if your user and password details are ever leaked, you have a failsafe that prevents someone trying to compromise your account from logging in.
The best computers for all budgetsOur top picks, based on real-world testing and comparisons➡️ Read our full guide to the best computers1. Best Windows: Dell Tower Plus2. Best Mac: Apple Mac mini M43. Best Mac AIO:Apple iMac 24-inch (M4)
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
TOPICS AI Darren AllanDarren is a freelancer writing news and features for TechRadar (and occasionally T3) across a broad range of computing topics including CPUs, GPUs, various other hardware, VPNs, antivirus and more. He has written about tech for the best part of three decades, and writes books in his spare time (his debut novel - 'I Know What You Did Last Supper' - was published by Hachette UK in 2013).
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
Logout Read more
Researchers claim ChatGPT has a whole host of worrying security flaws - here's what they found
ChatGPT outage live - widespread issues appear to be resolved
ChatGPT hit by a zero-click, server-side vulnerability that criminals can use to siphon sensitive data - here's how to stay safe
Microsoft warns a key OpenAI API is being exploited to launch cyberattacks
OpenAI bans Chinese, North Korean hacker accounts using ChatGPT to launch surveillance
ChatGPT is down - Everything we know about the latest AI outage impacting OpenAI
Latest in OpenAI
Amazon blocks ChatGPT shopping agent – what the fallout could mean for you
ChatGPT vs Gemini vs Perplexity: Which AI is your smartest shopper?
Sam Altman wants his AI device to feel like 'sitting in the most beautiful cabin by a lake,' but it sounds more like endless surveillance
ChatGPT’s new voice integration feels like the missing piece in AI chat
5 things you need to know about ChatGPT's big voice mode update
ChatGPT’s Agent feature lets you assign tasks and walk away – here’s how
Latest in News
OpenAI apologizes for big Mixpanel data breach that exposed emails and more
Claude Opus 4.5 is now live and "meaningfully better" at everyday tasks
NYT Connections hints and answers for Friday, November 28 (game #901)
NYT Strands hints and answers for Friday, November 28 (game #635)
Quordle hints and answers for Friday, November 28 (game #1404)
Marvel Rivals is having a Black Friday Blowout to celebrate the game's first anniversary – here's how it works
LATEST ARTICLES- 1Opera Neon’s AI researcher does in one minute what used to take a dozen tabs
- 2Maybe don't trust every Windows Update without checking - hackers hijack images to spread dangerous malware
- 3Malicious Blender model files deliver StealC infostealing malware
- 4Missouri to enforce mandatory age verification in three days
- 5NYT Connections hints and answers for Friday, November 28 (game #901)
