ChatGPT has been hacked. Check if your account has been compromised ⚠️

Cliquez ici pour lire en français

OpenAI recently faced a massive information theft. Hackers seized almost 100,000 OpenAI accounts, which are now available on the Dark Web.

The criminals are software information thieves 🌐

The information comes from Group-IB, a Singapore-based company specializing in cybersecurity. Its new report reveals that 101,134 OpenAI accounts were compromised between June 2022 and May 2023. The biggest data breach is quite recent: 26,802 accounts were compromised last May. But how, you may ask. According to Group-IB’s analysis, the accounts were breached by well-known data-stealing software such as Raccoon (78,348), Vidar (12,984) and RedLine (6,773).

ChatGPT accounts compromised between June 2022 and May 2023. Source : Group-IB

Information thieves are malware designed to collect a variety of information stored in the browsers of infected computers. They target login credentials, credit card details, cryptographic wallet information, cookies, browsing history and other relevant data. Once collected, all this information is then sent to the malware operator. In addition, these thieves can also extract data from instant messaging, e-mails and obtain detailed information about the victim’s device. They spread indiscriminately, infecting as many computers as possible, whether through phishing or other methods, with the aim of gathering as much data as possible. Their simplicity and effectiveness make them major sources of compromised personal data. Many countries are affected, with India at the top of the list.

Top 10 countries affected by the ChatGPT account breach // Source : Group-IB

The importance of protecting your account 🔐

For Dmitry Shestakov, Head of Threat Intelligence at Group-IB, the increasing integration of ChatGPT into corporate operational workflows, coupled with ChatGPT’s standard configuration that retains all conversations, can create a wealth of sensitive information for hackers.

If you’d like to check whether your OpenAI account credentials, and more generally all your online accounts, have been leaked, you can visit the « Have I Been Pwned? » site by clicking here.

Whether your account details have been exposed or not, it’s advisable to opt for a strong password and use two-factor authentication.

Source : Group-IB