ChatGPT suffers a massive data breach. (Bloomberg)

Massive Data Breach: India Hit Hardest by ChatGPT Account Hacking

Febin MathewJune 23, 23 Artificial Intelligence, ChatGPT, cybersecurity, India

ChatGPT, the generative conversational chatbot developed by OpenAI, has become a global sensation since its public release in November 2022. With millions of users worldwide, it is one of the most popular artificial intelligence tools available. Unfortunately, this popularity has also made it a prime target for hackers and malicious actors. A recent report has revealed that ChatGPT has experienced a significant data breach, affecting over 100,000 accounts. The situation is further compounded by the fact that India is one of the countries most impacted by this breach.

Group-IB, a Singaporean cyber security company, has released a report revealing that as many as 101,134 accounts have been hacked. The report stated: “The number of logs containing compromised ChatGPT accounts peaked at 26,802 in May 2023. According to Group-IB’s findings, the Asia-Pacific region has seen the highest number of ChatGPT credentials offered in recent years.” Group-IB’s Threat Intelligence platform found these compromised credentials in logs of data-stealing malware traded on illegal dark web markets over the past year.

India and Pakistan are among the worst affected countries

The report analyzes the period from June 2022 to March 2023 and found that data-stealing malware Raccoon, Vidar and Redline were the top three thieves associated with compromised accounts.

“Asia-Pacific had more than 40,000 compromised accounts between June 2022 and May 2023. India is the most affected country, with more than 12,000 stolen credentials sold. The biggest threat to ChatGPT users due to exposed credentials is the disruption of conversations between users and ChatGPT disclosure, which may include other sensitive information, be it personally identifiable information or job-related information, including sensitive company information,” Satnam Narang, Senior Staff Research Engineer at Tenable told ReturnByte. Tenable is a cybersecurity company based in Columbia, Maryland.

Other regions affected by the attack include the Middle East and Africa (24,925 compromised accounts), Europe (16,951 compromised accounts), and Latin America (12,314 compromised accounts).

Use 2-factor authentication for security

Group-IB has also issued guidelines to mitigate such incidents. It stated: “To reduce the risks associated with compromised ChatGPT accounts Group-IB advises users to update their passwords regularly and enable two-factor authentication. By enabling 2FA, users must provide an additional verification code, usually sent to their mobile devices, before they can access their ChatGPT accounts .