On March 24, 2023, OpenAI, the company behind ChatGPT, reported a data breach on their blog. In the post, they noted that a bug had allowed users to see some chat history and partial payment data for other active users. The exposed payment data included payment address, credit card type, credit card expiration date, and the last four digits of the credit card number.
OpenAI fixed the bug soon after discovering the incident, and in April, they announced a bug bounty program to help detect future issues.
So far, this is the only reported data breach attributed to ChatGPT or OpenAI. We’ll keep this space updated if and when any future breaches should occur.