The leak is caused by a bug in the Redis database.
OpenAI stated that a Redis database bug caused ChatGPT to crash and leak data when users saw other users' personal information and chat requests.
An OpenAI representative officially confirmed that on March 20, due to a glitch in the privacy settings, ChatGPT briefly showed other people's conversation histories of random users of the platform.
In addition, several ChatGPT Plus subscribers also reported seeing other people's email addresses on their subscription pages.
OpenAi released a report today explaining that a bug in the Redis library caused ChatGPT to display other users' queries and personal information for 9 hours to approximately 1.2% of ChatGPT Plus subscribers.
"A bug has been discovered in the Redis client open source library, 'redis-py'. As soon as we discovered the bug, we reached out to the Redis maintainers with a patch to fix the problem,” OpenAI said in a post.
Disclosed information includes:
last 4 digits of the credit card number;
card expiration date.
The Company will contact all affected ChatGPT users whose payment information has been disclosed.
Maybe everything worked out, or maybe the attackers managed to take advantage of the situation and upload the disclosed information. Be that as it may, the situation is worth watching. It may sound trite, but in dialogues with ChatGPT, even in a joking manner, you should not indicate your own or other people's personal data, be it people's names / surnames, phone numbers, postal addresses, bank card details, etc. Who knows what kind of OpenAI leak might happen next, so it's worth protecting yourself in this matter in advance.