More than 100K ChatGPT logins have been leaked on dark web
More than 100,000 ChatGPT accounts have been compromised and are being sold on the dark web. The accounts were breached by malware and the compromised credentials and chat histories are being sold on illegal marketplaces.
The compromised accounts could give bad actors confidential information about companies and individuals.
The cybersecurity firm Group-IB discovered the compromised Chat GPT credentials inside logs coming from an info stealing malware called Raccoon traded on the dark web.
The majority of logs containing Chat GPT accounts have been breached by Raccoon.
The cybersecurity firm said the sheer amount of compromised Chat GPT accounts it is finding shows just how popular Chat GPT has become around the world.
The compromised accounts are a warning to most of the chatbot’s casual users.
Has ChatGPT responded to the account leak and what measures are they taking to address it
ChatGPT has not yet responded to the recent account leak of over 100,000 Chat GPT accounts. However, in the past, Chat GPT has acknowledged and addressed data breaches that have occurred on their platform.
In March 2023, Chat GPT suffered a data leak that exposed users’ chat history, personal, and billing data due to a vulnerability in the redis-py open-source library.
Chat GPT took the service offline until it was fixed and notified 1.2% of Chat GPT Plus subscribers via email about the billing information that another user might have seen.
In May 2023, OpenAI confirmed a data breach in the system that was caused by a vulnerability in the code’s open-source library, which allowed users to see the chat history of other active users.
The researchers from OpenAI discovered that this same vulnerability was likely responsible for visibility into payment information for a few hours before Chat GPT was taken offline.
Therefore, it is expected that Chat GPT will take similar measures to address the recent account leak and notify affected users.