ChatGPT bug may have exposed some users’ payment information: OpenAI
ChatGPT creator OpenAI has admitted that some users’ payment information may have been exposed earlier this week when it took ChatGPT offline due to a bug.
According to the company, the Microsoft-owned company took ChatGPT offline due to a bug in the open source library that allowed some users to see items from another active user’s chat history.
“It is also possible that the first message of a newly created conversation appeared in someone else’s chat history if both users were active around the same time,” the company said.
The bug has been fixed and the ChatGPT service and its chat history feature, with the exception of a few hours of history, has been restored.
However, upon deeper investigation, OpenAI found that the same bug may have caused the inadvertent exposure of “payment-related information for 1.2 percent of ChatGPT Plus subscribers who were active during a specific nine-hour period.”
“In the hours before we took ChatGPT offline, some users saw another active user’s first and last name, email address, billing address, credit card number (only) last four digits, and credit card expiration date. . Full credit card numbers were never revealed,” the company said. revealed.
Due to an error, some order confirmation emails generated during that window were sent to the wrong users.
These emails contained the last four digits of another user’s credit card number, but the full credit card numbers were not displayed.
“It is possible that a small number of order confirmation emails may have been misdirected prior to March 20, although we have not confirmed any cases of this,” OpenAI said.
The company said it has reached out to notify affected users that their payment information may have been exposed.
“We are confident that there is no ongoing risk to users’ data,” it added, apologizing again to users and the entire ChatGPT community.
The bug was found in a Redis client open source library called “redis-py”.
Read all the Latest Tech News here.
