Chinese Snooker Association Vows To Issue Harsh Punishment Towards Players Over Match-Fixing           >>           China Renews Blue Alert For Severe Convection Weather           >>           Pakistan To Include Special Incentives For IT Sector In Annual Budget           >>           Elle Fanning Recalls Losing Role in Father-Daughter Film at 16 for Being "Unf--kable"           >>           Rumer Willis Recalls Breaking Her Own Water While Giving Birth To Baby Girl           >>           Chippy Hires Teenager To Wear Eagle Costume And Scare Off Seagulls           >>           Study: Multivitamin Supplements Can Help Improve Memory           >>           The Role Of Functional Foods In Treating Chronic Diseases           >>           Passkey Support For 1Password Arrives In Beta Today           >>           Apple Vision Pro Hands-On: A New Milestone For Mixed Reality, But Issues Remain           >>          





[email protected]



[email protected]



[email protected]



+673 222-0178 [Office Hour]

+673 223-6740 [Fax]


Upcoming Events

Let’s Raya 2023
April 13th, 2023 | 10:09 AM

Prayer Times

The prayer times for Brunei-Muara and Temburong districts. For Tutong add 1 minute and for Belait add 3 minutes.


: 04:33 AM


: 04:43 AM


: 06:07 AM


: 06:31 AM


: 12:20 PM


: 03:46 PM


: 06:31 PM


: 07:46 PM


The Business Directory



Security & Privacy

  Home > Security & Privacy

OpenAI Says A Bug Leaked Sensitive ChatGPT User Data

Future Publishing via Getty Images


 March 25th, 2023  |  09:32 AM  |   714 views



The same glitch that shared chat history titles may have divulged email addresses and payment info too.


OpenAI was forced to take its wildly-popular ChatGPT bot offline for emergency maintenance on Tuesday after a user was able to exploit a bug in the system to recall the titles from other users' chat histories. On Friday the company announced its initial findings from the incident.


In Tuesday's incident, users posted screenshots on Reddit that their ChatGPT sidebars featured previous chat histories from other users. Only the title of the conversation, not the text itself, were visible. OpenAI, in response, took the bot offline for nearly 10 hours to investigate. The results of that investigation revealed a deeper security issue: the chat history bug may have also potentially revealed personal data from 1.2 percent of ChatGPT Plus subscribers (a $20/month enhanced access package).


"In the hours before we took ChatGPT offline on Monday, it was possible for some users to see another active user’s first and last name, email address, payment address, the last four digits (only) of a credit card number, and credit card expiration date. Full credit card numbers were not exposed at any time," the OpenAI team wrote Friday. The issue has since been patched for the faulty library which OpenAI identified as the Redis client open-source library, redis-py.


The company has downplayed the likelihood of such a breach occurring, arguing that either of the following criteria would have to be met to place a user at risk:


- Open a subscription confirmation email sent on Monday, March 20, between 1 a.m. and 10 a.m. Pacific time. Due to the bug, some subscription confirmation emails generated during that window were sent to the wrong users. These emails contained the last four digits of another user’s credit card number, but full credit card numbers did not appear. It’s possible that a small number of subscription confirmation emails might have been incorrectly addressed prior to March 20, although we have not confirmed any instances of this.


- In ChatGPT, click on “My account,” then “Manage my subscription” between 1 a.m. and 10 a.m. Pacific time on Monday, March 20. During this window, another active ChatGPT Plus user’s first and last name, email address, payment address, the last four digits (only) of a credit card number, and credit card expiration date might have been visible. It’s possible that this also could have occurred prior to March 20, although we have not confirmed any instances of this.


The company has taken additional steps to prevent this from happening again in the future including adding redundant checks to library calls, "programatically examined our logs to make sure that all messages are only available to the correct user," and "improved logging to identify when this is happening and fully confirm it has stopped." The company says that it has also reached out to alert affected users of the issue.


This news follows a costly public faux pas committed by Google's rival Bard AI in February when it incorrectly assured Twitter that the JWST was the first telescope to image an exoplanet, as well as revelations that CNET had surreptitiously used generative AI to write financial explainer posts (a week before laying off a sizable chunk of its editorial department). Whether OpenAI will suffer the same market-based repercussions as its competitors remains to be seen.



courtesy of ENGADGET

by Andrew Tarantola


If you have any stories or news that you would like to share with the global online community, please feel free to share it with us by contacting us directly at [email protected]


Related News

Govt To Support Double Six Victims’ Families’ Request – Jeffrey

 2023-06-07 12:29:34

Ghana Patients In Danger As Nurses Head For NHS In UK – Medics

 2023-06-06 10:44:11

US Sues Coinbase As Crypto Crackdown Widens

 2023-06-07 13:02:36