Personal Data of Over One Million Subscribers Compromised in ChatGPT Breach

Written by staff writer.

A subset of ChatGPT subscribers may have had their payment information exposed after a now-fixed software bug allowed other users of the high-profile content-generating platform to access personal details. The leak potentially impacts over one million subscribers.

ChatGPT users were first alerted to a problem on March 20 when they began seeing conversation titles and fragments from other user’s chat history if both users were online at the same time, specifically during a nine-hour window between 01.00 am and 10.00 am (US Pacific Daylight time) on March 20.

ChatGPT is an AI-generated large language model that uses generative pre-trained transformer architecture to generate human-like responses to various written prompts.

The entity behind the ChatGPT platform, San Fransico-based OpenAI, briefly took the platform offline to remedy the problem, which they later attributed to a Redis client open-source library bug. Among other functions, ChatGPT used Redis to cache user information.

“We use the redis-py library to interface with Redis from our Python server, which runs with Asyncio (a library to write concurrent code),” says a statement from OpenAI. “When using Asyncio, requests and responses with redis-py behave as two queues: the caller pushes a request onto the incoming queue, and will pop a response from the outgoing queue, and then return the connection to the pool. If a request is cancelled after the request is pushed onto the incoming queue but before the response popped from the outgoing queue, we see our bug. The connection thus becomes corrupted, and the next response that’s dequeued for an unrelated request can receive data left behind in the connection.”

OpenAI said in most cases, this caused an unrecoverable server error. But in some cases, some corrupted data matched the data type requested. “What gets returned from the cache appears valid, even if it belongs to another user,” they said.

An accidental early morning change to OpenAI’s servers caused a spike in Redis request cancellations, creating a small probability for each connection to return bad data.

Meanwhile, it also emerged that in that nine-hour window, before ChatGPT went offline, some active users could see the personal account information of other active users, including full name, partial credit card details, expiry date, and billing address. OpenAI says approximately 1.2 million of its 100 million subscribers may be impacted.

To see another user’s information, the ChatGPT user would have needed to click on the Manage My Subscription button in the My Account section of the platform. That may have then revealed another person’s details. OpenAI says they are still determining if this information was available before March 20.

“The Redis open-source maintainers have been fantastic collaborators, swiftly addressing the bug and rolling out a patch,” says OpenAI, adding that open-source software played a big role in developing the ChatGPT platform and now helps keep it running. “Their significance cannot be understated. We would not have been able to scale ChatGPT without Redis.”

Two days after the data leak, OpenAI CEO Sam Altman apologized to users, also saying that OpenAI believed the number of users who had significant data disclosed was “exceeding low.”