InfoSecBulletin Cybersecurity for mankind
Refuting the ChatGPT Data Breach
OpenAI, the parent company of ChatGPT, has refuted a report by Group-IB that alleges a data breach of the AI software. Group-IB reported that over 100,000 infected devices were housing ChatGPT hacked credentials. However, OpenAI claims that the credential leak was due to “existing commodity malware” on users’ devices, not a breach of ChatGPT itself.
First couple “Rosie” to conceive using AI tech “STAR” successfully
Scattered Spider Actively Attacking Aviation and Transportation: FBI
Russia’s restrictions on Cloudflare making websites inaccessible
61 million Verizon records allegedly posted online for sale
Cyber Expert ‘Rene Joshilda’ Arrested for Bomb Hoaxes
Critical RCE Flaws in Cisco ISE and ISE-PIC Allow to Gain Root Access
CISA Warns of FortiOS Hard-Coded Credentials Vulns
5 vendors’ printer totaling 748 models affected: Rapid7
Citrix Released Emergency Patches for Actively Exploited CVE-2025-6543
SonicWall warns of a trojanized NetExtender stealing VPN logins
ChatGPT data breach update:
In response to the ChatGPT data breach update query, the OpenAI communications team said the ChatGPT was not hacked and they are currently investigating the alleged hacked ChatGPT accounts.
“The findings from Group-IB’s Threat Intelligence report result from commodity malware on people’s devices and not an OpenAI breach. We are currently investigating the accounts that have been exposed,” an OpenAI spokesperson told Media.
A report from Check Point Research (CPR) highlighted an increase in the trade of stolen ChatGPT Premium accounts, allowing cybercriminals to bypass geofencing restrictions and gain unlimited access.
OpenAI maintains that it has industry best practices in place to protect user data, and that it is currently investigating the accounts that have been exposed. The company also encourages users to use strong passwords and install only verified and trusted software on their personal computers.
The ChatGPT data breach is the latest in a series of security concerns surrounding the AI software. In April 2023, Italy became the first country to ban ChatGPT, accusing OpenAI of stealing user data. Additionally, a report from Check Point Research highlighted an increase in the trade of stolen ChatGPT Premium accounts.
ALSO READ:
2463 Bangladeshi’s Compromised ChatGPT accounts are for sale on dark web
The market for stolen ChatGPT accounts has seen a rise, with cybercriminals utilizing tools like bruteforcing and checkers to hack into accounts. Additionally, “ChatGPT Accounts as a Service” has emerged, offering stolen premium accounts, often using stolen payment cards.
The demand for stolen ChatGPT accounts, especially premium ones, has increased due to the ability to bypass restrictions and access premium features. Cybercriminals exploit this demand in the dark web underground, where stolen accounts are sold and even shared for free to promote other malicious services.
