OpenAI says it is investigating after a hacker claimed having swept login details for 20 million of the user accounts of the AI company – and offered them for sale on a dark web forum.
The pseudonymous breaks placed a cryptic message in the Russian advertisement “call more than 20 million access codes for OpenAI accounts”, “call a Goldmine” and offer potential buyers what they claimed contained that sample data contained with e -mail addresses and passwords. As reported by GBHACKERS, the entire dataset was offered for sale “for just a few dollars”.
Image: Gbhackers
“I have more than 20 million access codes for OpenAI accounts,” Emirking wrote on Thursday, according to a translated screenshot. “If you are interested, reach out – this is a gold mine and Jesus agrees.”
If it is legitimate, this would be the third major security incident for the AI company since the release of Chatgpt to the public. Last year a hacker gained access to the company’s internal Slack Messaging system. According to the New York Times, the hacker “stole details about the design of the company’s AI technologies.”
Before that, in 2023 in 2023, Hackers could entail an even simpler bug with jailbreaking prompts with the private data of the paying customers of OpenAI.
This time, however, security researchers are not even sure that a hack has occurred. Dot Reporter Mikael Thalan wrote on X that he found invalid e -mail addresses in the supposed sample data: “No proof (suggests) This alleged OpenAI infringement is legitimate. At least two addresses were invalid. The only other post of the user is on the forum is For a stealer log.
No proof that this alleged OpenAI infringement is legitimate.
Contacted each e -mail address from the alleged example of login details.
At least 2 addresses were invalid. The only other message from the user on the forum is for a stealer logbook. Wire has also been removed since then. https://t.co/ykpmxkqhsp
“We take these claims seriously,” said the spokesperson and added: “We have not seen any evidence that this has so far been connected to a compromise of OpenAI systems.”
The scope of the alleged infringement aroused concern because of the enormous user base of OpenAi. Millions of users worldwide rely on the company’s tools such as Chatgpt for business activities, educational purposes and generating content. A legitimate infringement can uncover private conversations, commercial projects and other sensitive data.
Until there is a final report, some preventive measures are always advisable:
Go to the “Configurations” tab, log in with all connected devices and engage two-factor authentication or 2FA. This makes it virtually impossible for a hacker to access the account, even if the login and passwords are compromised.
If your bank supports this, create a virtual card number to manage OpenAi subscriptions. In this way it is easier to recognize and prevent fraud.
Always keep an eye on the conversations stored in the memory of the chatbot and pay attention to any phishing attempts. OpenAI does not require personal information and every payment update is always handled via the official link of OpenAI.com.
Published by Andrew Hayward
Generally intelligent Newsletter
A weekly AI trip told by Gen, a generative AI model.
