GIVEAWAY: Patriot Viper Xtreme 5 DDR5, Viper Venom DDR5, and VP4300 2TB SSD

Bad news on that ChatGPT bug - it leaked some credit card details

The better news is that the full card number wasn't leaked, just the last four digits, although other worrying personal data was spilled.

Bad news on that ChatGPT bug - it leaked some credit card details
2 minutes & 2 seconds read time

Last week, ChatGPT went down in what first appeared to be a global outage, but was in fact, due to OpenAI shutting the service (temporarily) after finding a bug that made user chat histories visible to the public - and more besides, we've now found out, worryingly.

The bug in an open source library has turned into a thornier problem than OpenAI first realized (Image Credit: Pixabay)

The bug in an open source library has turned into a thornier problem than OpenAI first realized (Image Credit: Pixabay)

In what was later described as a "significant issue" pertaining to a bug present in an open source library, titles of chat histories, and possibly the initial messages, were in some cases seen by other users who were active at the same time as a person having a chat.

The bug is now fixed, but after fully investigating what happened here, OpenAI has admitted that some credit card details of a small subset of users were possibly exposed.

The bug "may have caused the unintentional visibility of payment-related information" of 1.2% of ChatGPT Plus subscribers.

OpenAI explained that in the few hours before ChatGPT got pulled down last Monday (March 20), some users may have been able to view another active user's credit card number - albeit the last four digits only - and the card expiry date.

Note that the full card number was not visible, and while the details that were potentially viewable weren't enough to be able to actually use the card, it's still highly concerning for any payment info like this to be potentially spilled to others.

Other personal details that could have been visible in this way included first and last names, email addresses, and payment addresses.

The company tells us that the number of users finding data exposed in this way was "extremely low" and that there are two main circumstances where this might have happened.

Namely if a user clicked on "My account" then "Manage my subscription" between 1am and 10am (Pacific Time) on Monday, March 20, or if a user opened a subscription confirmation email sent in that same time period (as the bug caused those emails to be sent to the wrong users).

It's possible that occurrences of the bug causing the mentioned data leakage could have happened before March 20, as well, OpenAI notes, but as yet, there are no confirmed cases of this.

The company also assures users that the fix to the bug in question has been extensively tested, and that several data sources have been correlated to identify any affected users who will subsequently be notified.

Buy at Amazon

ChatGPT for Startups: Make Money Online with AI

TodayYesterday7 days ago30 days ago
* Prices last scanned on 5/31/2023 at 12:45 pm CDT - prices may not be accurate, click links above for the latest price. We may earn an affiliate commission.

Darren has written for numerous magazines and websites in the technology world for almost 30 years, including TechRadar, PC Gamer, Eurogamer, Computeractive, and many more. He worked on his first magazine (PC Home) long before Google and most of the rest of the web existed. In his spare time, he can be found gaming, going to the gym, and writing books (his debut novel – ‘I Know What You Did Last Supper’ – was published by Hachette UK in 2013).

Newsletter Subscription

Related Tags

Newsletter Subscription
Latest News
View More News
Latest Reviews
View More Reviews
Latest Articles
View More Articles