A ChatGPT bug found earlier this week also revealed user’s payment information, says OpenAI.
The AI chatbot was shut down on March 20, due to a bug that exposed titles and the first message of new conversations from active users’ chat history to other users.
Now, OpenAI has shared that even more private data from a small number of users was exposed.
“In the hours before we took ChatGPT offline on Monday, it was possible for some users to see another active user’s first and last name, email address, payment address, the last four digits (only) of a credit card number, and credit card expiration date,” said OpenAI. “Full credit card numbers were not exposed at any time.”
What Bard gets right that ChatGPT doesn’t
Tweet may have been deleted
(opens in a new tab)
The hours OpenAI is referring to was a nine hour window before the bug was discovered. OpenAI reports that the payment-related information of 1.2 percent of ChatGPT Plus subscribers were exposed. Those users have been notified by OpenAI. Although, the announcement stipulated, the likelihood that other users actually saw this information is low. Between the hours of 1 a.m. PT and 10 a.m. PT, users would have had to open a ChatGPT Plus subscription confirmation email or navigated to the “Manage my subscription” page to view payment information.
The bug has been patched and ChatGPT is up and running again with its user’s chat history restored. But it’s good to keep in mind that whatever you share with ChatGPT – or any place on the internet — is never 100 percent private.
Source : The ChatGPT bug exposed more private data than previously thought, OpenAI confirms
