Not just chat.. How ChatGPT vulnerability led to users’ credit card details being exposed


Mones Hawass books

Sunday, March 26, 2023 12:00 AM

The information was disclosed ChatGPT error During the outage earlier this week just over chat logOn March 20, Microsoft-backed OpenAI temporarily disabled ChatGPT earlier to fix a bug that allowed some users to see the chat history addresses of other users on the popular AI chatbot. Now in an update, the company says the bug may have exposed more information, and that Includes some personal data of ChatGPT Plus subscribers, including their payment information.

Leaked payment information

“After a deeper investigation, we also discovered that the same bug may have caused the unintentional view of payment-related information for 1.2% of ChatGPT Plus subscribers who were active during a specified nine-hour period, and in the hours before ChatGPT went offline on the day,” the company said. Monday, it was possible for some users to see another active user’s first and last name, email address, payment address, last four digits (only) of the credit card number, credit card expiration date, and full credit card numbers were not disclosed at any time,” Open said. AI in update.

It added that it had reached out to notify affected users that their payment information might be exposed. It also claimed that there is no ongoing risk to users’ data.

What is the cause of the error

In a March 22 tweet, OpenAI CEO Sam Altman said that a significant problem with ChatGPT was the result of an “error in an open source library,” and said that “the bug was caught in the open source Redis client library” that OpenAI uses to store user information. in its own server.

However, the company did not disclose the exact number of people affected by the massive. This technical flaw definitely means that users need to be wary of AI tools, including chatbots, and most of the AI ​​tools are still in beta phase, also with the sudden sharp rise in the number of AI tools in the market, it is not clear/certain. Really whether a number of them have been properly tested and come with the necessary security checks.






Leave a Replay