ChatGPT Vulnerability May Have Exposed Users’ Payment Information

Written by

A ChatGPT vulnerability may have exposed payment-related information of some customers of the AI tool, as well as allowing titles from some active user’s chat history to be viewed, OpenAI has revealed.

In a blog post published on March 24, 2023, the company provided details of a data breach caused by a bug in an open source library, which forced it to take ChatGPT temporarily offline on Monday March 20.

After patching the vulnerability, OpenAI was able to restore both the Chat GPT service and, later, its chat history feature, with the exception of a few hours of history.

The company, co-founded by Twitter and Tesla CEO Elon Musk, said the bug “may have caused the unintentional visibility of payment-related information of 1.2% of the ChatGPT Plus subscribers who were active during a specific nine-hour window.”

In this window prior to ChatGPT being taken offline on March 20, it was possible for some users to see another active user’s first and last name, email address, payment address, the last four digits of a credit card number and credit card expiration date. However, OpenAI emphasized that “full credit card numbers were not exposed at any time.”

The company added that the number of users whose data was exposed in this way was “extremely low” and “we are confident that there is no ongoing risk to users’ data.”

Impacted customers have been notified that their payment information may have been exposed.

The data could have been accessed in two ways during a specific nine-hour window:

  1. Opening a subscription confirmation email sent on March 20 between 1.00-10.00am PST. This is because some of these emails generated during that window were sent to the wrong users as a result of the bug, displaying their payment information.
  2. In ChatGPT, clicking on ‘My account,’ then ‘Manage my subscription’ during the same timeframe, which may have displayed the payment information of another active ChatGPT user.

OpenAI admitted it is possible these issues could have occurred prior to this nine-hour window, but have not confirmed any instances of this.

The vulnerability was discovered in the Redis client open-source library, redis-py. It was caused by OpenAI inadvertently introducing a change to its server that caused a spike in Redis request cancellations, creating a small chance of each connection returning bad data.

The AI chatbot’s developers use Redis to cache user information in their server, to avoid having to check the database for every request.

OpenAI apologized for the breach and outlined steps it has taken to improve its systems. These include adding redundant checks to ensure the data returned by the Redis cache matches the requesting user and programatically examining its logs to make sure that all messages are only available to the correct user.

The company stated: “Everyone at OpenAI is committed to protecting our users’ privacy and keeping their data safe. It’s a responsibility we take incredibly seriously. Unfortunately, this week we fell short of that commitment, and of our users’ expectations. We apologize again to our users and to the entire ChatGPT community and will work diligently to rebuild trust.”

A number of security issues have been raised about ChatGPT following the chatbot’s highly publicized launch in November 2022. These include fears it will be used to create malware and sophisticated phishing campaigns as the technology matures.

Additionally, data privacy experts have criticized OpenAI’s data-scraping method to collect the data ChatGPT is based on.

Editorial image credit: AlpakaVideo / Shutterstock 

What’s hot on Infosecurity Magazine?