Go Ad-Free
    My Alerts
    Moneycontrol
    Moneycontrol PRO
    HomeNewsTechnologyOpenAI says ChatGPT may have leaked user payment information due to a bug

    OpenAI says ChatGPT may have leaked user payment information due to a bug

    OpenAI said the bug that caused ChatGPT to show user conversations may have also leaked the payment information of 1.2% of ChatGPT Plus users

    Moneycontrol News
    March 25, 2023 / 13:13 IST
    (Image: Gabby Jones/Bloomberg)

    OpenAI, the company behind AI chatbot ChatGPT, has said that a bug may have caused ChatGPT to reveal user payment information for 1.2 percent of ChatGPT Plus subscribers.

    On March 23, OpenAI said a bug in an open-source library that the bot uses resulted in user conversation titles being visible to other people on the platform as well.

    Also Read | Opera integrates ChatGPT and ChatSonic into its desktop browsers

    Now, OpenAI is saying that the same bug may have also caused "unintentional visibility of payment-related information of 1.2% of the ChatGPT Plus subscribers who were active during a specific nine-hour window".

    The company also confirmed that the same bug resulted in ChatGPT going offline for an hour on March 20.

    Related stories

    The fault was in the Redis client open-source library called redis-py. The database is used by ChatGPT to "cache user information" on its servers, so that doesn't have to check the system database for every request.

    OpenAI said that the possibility of someone's data being revealed was extremely low and the user would have had to either have opened "a subscription confirmation email sent on Monday, March 20, between 1 a.m. and 10 a.m. Pacific time" or click on "My Account" or "Manage my subscription” between 1 a.m. and 10 a.m. Pacific time on Monday, March 20."

    Also Read | Can ChatGPT plan your vacation? Here’s what to know about AI and travel

    This is because the bug caused subscription emails to be sent to the wrong users. The mails contained the last four digits of another user's credit card number but full numbers were not revealed.

    In the second instance, during the period between 1am and 10am Pacific Time, "another active ChatGPT Plus user’s first and last name, email address, payment address, the last four digits (only) of a credit card number, and credit card expiration date might have been visible".

    The company said that it was possible that this could have occurred before March 20 but it had "not confirmed any instances of this".

    Invite your friends and family to sign up for MC Tech 3, our daily newsletter that breaks down the biggest tech and startup stories of the day

    Moneycontrol News
    first published: Mar 25, 2023 12:35 pm

    Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!

    Subscribe to Tech Newsletters

    • On Saturdays

      Find the best of Al News in one place, specially curated for you every weekend.

    • Daily-Weekdays

      Stay on top of the latest tech trends and biggest startup news.

    Advisory Alert: It has come to our attention that certain individuals are representing themselves as affiliates of Moneycontrol and soliciting funds on the false promise of assured returns on their investments. We wish to reiterate that Moneycontrol does not solicit funds from investors and neither does it promise any assured returns. In case you are approached by anyone making such claims, please write to us at grievanceofficer@nw18.com or call on 02268882347
    CloseOutskill Genai