- A hacker has allegedly listed 20 million OpenAI logins for sale
- However the origins of these credentials are disputed
- OpenAI says its investigation has found no evidence of a compromise
A hacker claims to be selling the login credentials of 20 million OpenAI users accounts – but the company says its own investigation has found no evidence of a hack.
A report from Malwarebytes Labs discovered a cybercriminal who goes by the name тАШemirkingтАЩ had listed a dataset for sale on a cybercrime forum claiming to contain, тАШ20 million access codes to OpenAI accountsтАЩ.
OpenAI responded, stating, тАЬWe take these claims seriously. We have not seen any evidence that this is connected to a compromise of OpenAI systems to date.тАЭ Breaches like these can have catastrophic consequences for both the company and the users, but there are a few red flags that point to this incident being less than genuine, hereтАЩs what we know.
An unlikely story?
In Malwarebytes LabтАЩs initial report, there was some doubt cast over the origins of the information, with the report outlining
тАЬIt seems unlikely that such a large amount of credentials could be harvested in phishing operations against users, so if the claim is true, emirking may have found a way to compromise the auth0.openai.com subdomain by exploiting a vulnerability or by obtaining administrator credentials.тАЭ
The report also pointed out that the cybercriminal allegedly responsible for the leak was a relatively new user of the forums – which wouldnтАЩt mean much on its own, but KELA cybersecurity also assessed the available data, and concluded the credentials were obtained via infostealer malware.
The analyzed sample by KELA showed the compromised logins related to OpenAI services, and contained authentication details to тАШauth0.openai.comтАЩ.
The security researchers then cross-referenced these details with its own data lake of “compromised accounts obtained from infostealer malware, which contains more than a billion records, including over 4 million bots collected in 2024.”
тАЬAll credentials from the sample shared by the actor тАШemirkingтАЩ were found to originate in these compromised accounts, likely hinting at the source of the full 20 million OpenAI accounts that the actor intends to sell,тАЭ the security company confirmed.
Ultimately, the investigation concluded, “the majority of compromised credentials of OpenAI services offered for sale on BreachForums by emirking are not related to a breach of OpenaAI systems.”
The credentials were deemed to be a part of a larger dataset “scraped from a mix of private and public sources that sell and share infostealer logs” – not from an unreported compromise.
Staying safe
No matter how the leaked credentials were acquired, anyone who has had their details leaked is at risk. The primary danger with this incident is social engineering attacks and identity theft.
Because many users of AI chatbots will (sometimes unwittingly) hand over personal information, anyone with access to their accounts could use the compromised email address to engineer personal and specific phishing attacks designed to steal even more information.
Just asking a chatbot for restaurant recommendations in your city, advice on budgeting, or work-specific questions or summaries can give attackers all the information they need to craft a convincing way to reach out pretending to be a colleague, trusted company, friend, or family member.
Being vigilant is the most effective way to combat this. DonтАЩt give out any information to an unknown person or unexpected contact that you havenтАЩt thoroughly vetted first, and make sure not to click any links you donтАЩt 100% trust.
Make sure to also create a strong and secure password, and it’s important that you do not reuse passwords from one site to another – this helps by quarantining any account that has been breached.
ItтАЩs a similar process when mitigating the risk of identity theft. Keeping an eye on your accounts, statements, and bills to make sure thereтАЩs nothing you donтАЩt recognize, and let your bank know immediately if there is anything suspicious.
WeтАЩve also listed some software which can essentially do the work for you, monitoring your credit files, warning about suspicious activity, and alerting you if any personal information is used (such as new bank accounts being opened in your name). Some even offer identity recovery and insurance policies up to $1 million, so check out our picks for best identity theft protection for families if youтАЩre concerned about your information.
You might also like
- Check out our list of the best firewall software around today
- Top US health provider tells 882,000 patients they were hit in August 2023 breach
- We’ve also rounded up the best malware removal software on offer right now
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
Watch out – those PDFs lurking in your inbox could be a major security risk
Businesses still havenтАЩt stopped using weak passwords, and itтАЩs getting super risky
Latest Android Auto update could turn your carтАЩs cameras into a free dash cam
-
1Latest Android Auto update could turn your carтАЩs cameras into a free dash cam
-
2Watch out – those PDFs lurking in your inbox could be a major security risk
-
3I tried the latest update to NotebookLM and itтАЩs never been easier to make an AI podcast out of other peopleтАЩs articles, for better or worse
-
4Businesses still havenтАЩt stopped using weak passwords, and itтАЩs getting super risky
-
5Samsung is being weirdly cagey about supporting Netflix’s big HDR upgrade that’s basically custom-made for its TVs
