82 comments

[ 3.5 ms ] story [ 128 ms ] thread
(comment deleted)
I think the AI gold rush has just begun, and we are yet to see much more.
Not entirely surprising. OpenAI has been lurking around the startup realm despite having the finance and people: for years they had no product to bring money in and they had to do something about it. ChatGPT was the perfect place to turn things around and they did. But often when you try to push a product to market, you are forced to cut corners. And in my experience, the most common corners to cut are tests and security. "This is well more than enough" is a very convenient way to lie to yourself and call it a job-well-done.
This seems like a user issue, rather than a OpenAI breach. FTA:

> The majority of the dumped credentials were found within logs connected to multiple information stealer malware families.

So, at least for the moment, OpenAI's security is not in question.

Exactly, I am still not clear who got compromised, the users or the platform. Seems like the users.

Which is not surprising at all, some of the phones owned by other people that I've had in my hands were so infested that barely anything worked. The amount of malware changing just about anything in the phone was comical.

Why are exposed API keys the responsibility of openai? This has nothing to do with them cutting corners or security.
Interestingly, ChatGPT was meant to be closer to a tech demo than a flagship product. It's success caught OpenAI off-guard.

> Jan Leike: I would love to understand better what’s driving all of this—what’s driving the virality. Like, honestly, we don’t understand. We don’t know.

> Part of the team’s puzzlement comes from the fact that most of the technology inside ChatGPT isn’t new. ChatGPT is a fine-tuned version of GPT-3.5, a family of large language models that OpenAI released months before the chatbot.

https://www.technologyreview.com/2023/03/03/1069311/inside-s...

A ChatGPT account has your email address, and a password, so unless folks are using ChatGPT to discuss their personal information against the warning you get every single time you log in, this is mostly just more proof that everything you log into will be hacked. Which isn't really news. Unfortunately, what it's not is an article that explains how "what they got" translates into "and this is what they could do with that data", so I'm not sure I understand the value of this data. What ramifications would this have for folks whose account got compromised?
If people use the same email and password to log into other services, then those might get compromised also.

By now no one "should" be using the same password for multiple services, but it most likely still happens

What if I used the 'sign in with google'? Should i be changing my google password?
Unlikely, auth mediation never gives out your password as part of logging into some service, it gets asks to confirm you are logged in and if so, to issue a temporary auth tokens that acts as proof that Google thinks your session is authenticated. So if you explicitly log out, then that token should get invalidated, and logging back in should yield a new auth token.
No. That is simply a token containing some claims sayings you are you, no passwords or anything like that is transferred. Having said that; it is still best practice to set up MFA for all your accounts.
That's a given. What ramifications are there for this data rather than just the generic "if you're still dumb enough to recycle passwords, you're going to find out why people keep telling you not to". What can the data in these logs actually be used for?

Because as far as credential hacks go, 100.000 users is nothing, you can trivially get password lists thousands of times bigger than that on any given day of the week.

Using the same email is almost certain. I know that we can do at least user+mod@domain, but how many people are actually using that?

All the security is in the password. Using a password manager to automatically generate and store password almost fixes that. Then there are services that insist using 8 to 16 character passwords :shrug

(comment deleted)
I've been "hiding my email" with iCloud+ more and more. The drawback is that now I don't know my password and email address for some of my services.
What's really wild is you can't even reset your password without going through the forgot password flow from the login screen.

They don't even have basics here.

MFA? Not even an option, even though they're using Auth0 and Auth0 can do that.

I asked for passkeys and got silence back. It’s two check boxes in the Auth0 tenant config (I manage an Auth0 tenant).
Why do I suspect their sysadmin is one person working half time?
Ask ChatGPT to enable those check boxes and see what happens.
maybe if your billing information is saved they could use your account to create api keys to other services and sell that.

not sure if the billing info from chatgpt is entered on the same place

If you've got a credit card attached to your account, remove it and change your password.
I think OpenAI uses Stripe for CC processing so I don't believe user's cards should be at risk.
Am I at risk if I connect through Google or Apple API ?
If your Google or Apple account is hacked then yes. If not, then no.
Jokes on you (us), there's not a way to reset your password, across all three of openai's applications.
Yes there is. They use Auth0 for authentication, so they would have to pour some effort in for this to not be possible. Just go to the login page and select "Forgot your password?" and reset it that way.
It seems to me that this these are credentials harvested from malware on people's machines, not credentials stolen from OpenAI. The relevance to ChatGPT is only because people use the chats for personal/business info and the logs are retained.
I didn't pick up on this on the first read, but I think you're right...the Raccoon info stealer is "a modular C/C++ binary designed to infect 32-bit and 64-bit systems Windows-based systems"

so this is a collection of logins, passwords, etc. collected via some bit of malware on clients...not info gleaned from OpenAi server logs, which is what I got from the article initially

Wow, windows defender just let's a random exe access other programs files without a prompt or anything. Gotta be backwards compatible at all costs!
100K.. percentage who uses ChatGPT and doesn't use google or microsoft login.. that's a decent malware coverage.
I started to get all sort of spam calls when I gave OpenAI my phone number. Coincidence? I think not.
While yes an annoyance, we should reflect on how far we've come when this type of thing causes little to no disruption.

Most of us use unique passwords, a smaller portions uses unique emails per account, and in the future we will use public keys (passkeys).

Security is getting better I'm optimistic.

However we have to continue to push on providing as little information to these companies (i.e. they don't need my name, DOB, etc.). And in the future I look forward to where I store this information, and provide it just in time as needed for the specific use cases (i.e. it might be processed and checked by a 3rd party but it's never stored).

If "us" is referring to "Hacker News users" then possibly yes, what you say is probably true.

But the world population at large, it's very much not true. I don't think I know a single person outside the IT industry who uses a password manager for anything.

Also, ChatGPT (and many other services today) allow their users to sign in via Google and other 3rd party auth services which feature 2FA.
I can admit to smirking a little when I read the article, knowing that some bad actor in the world has spent even a little time and attention poring over my collection of stupid chats, looking for valuable corporate secrets, and finding that each and every one of my conversations ends with "now express this as a limerick."
I'm glad I'm not the only one that uses ChatGPT for comedic purposes.
Are you joking or do you know for a fact that your credentials are in the leak? Is there a place to check?
If you could find where the dataset is being sold, there's might be a small sample of the dataset being provided to prove it's real, but that would be your only bet, without just buying it all.
No, on first read, I thought OpenAI had been hacked, but it looks like it's a malware thing. I'm not likely amongst the pwned.

But also not joking...every one of my chats really do end in limericks :)

(comment deleted)
I assume the value is in hitting those with password reuse across websites.

  The criminal furnished with keys
  Desired fine secrets to seize,
  But found nothing but trash:
  Poems written slapdash!
  Thus concludes a hilarious wheeze!
Has OpenAI started notifying people about the breach? I haven’t received anything. Does this mean my creds were not part of the leak or does it mean OpenAI isn’t disclosing anything?
OpenAI wasn't breached, it seems. Many people with malware on their computers logged into ChatGPT.
The article is a little unclear, but I don't think this was a breach of OpenAI. The credentials seems to have been collected by malware installed on user systems.
OpenAI has not been breached, the credentials were stolen from users infected PCs.

You’re jumping to conclusions. OpenAI would be doing these users a favour by resetting their passwords, but their computers could still be infected.

I feel like I am the only person not using ChatGPT due to privacy concerns. My conversations becoming public is half my concern. The other half is the information being used against me by companies/government.
You have to treat it like any other online service: Don't put anything in it that can't be shown publicly.
True, but I don't want to be worried about that every time I use it. That's why we need an easily accessible, locally running ChatGPT like service. Hopefully we can get there soon.
I'm using it daily and I don't think I would be bothered too much if my conversations were leaked.

Depends on the use case I guess. I don't share private code with it for instance.

Isn't it still technically in beta? I've always assumed the OpenAI engineers can view any of my conversations (especially when I use the flagging feature to mark an answer wrong or provide feedback).
One feature OpenAI really needs is the ability to force logout accounts across all devices. It doesn't have that currently, at least not with ChatGPT.

As of a month ago, sessions were still staying active even after a password change.

A little device/session management portal would be nice. Pretty standard these days.

Title buried the lede: OpenAI has not been breached. Credentials were stolen from infected computers.
It’s unclear from the article because it does not directly state the vector of attack, just the tools used. But it looks like this is not a breach of OpenAI systems, and instead is the product of malware on user machines that happened pickup ChatGPT credentials, among any other things it deemed valuable on the user’s machines. Is this a correct understanding?
Ok so to summarize: Credentials have been stolen using a rather common malware from some people that didn't protect their computers properly. A subset of those credentials were related to OpenAI - while at the same time this malware (or malware like this) is used to steal gmail-, outlook-, amazon-, facebook- and all other kinds of credentials of services where potentially sensitive information is often entered.

Wow, we really are at the point where you just need to insert "ChatGPT" into some boring random headline to make it news :)

I was hoping this was going to be "OpenAI people used ChatGPT to write their authentication code" ;)
That’s because the seller is advertising
well TBH i tried that on a video and it does work. Clickbait is real and reliable
> we really are at the point where you just need to insert "ChatGPT" into some boring random headline to make it news

No, we're at the point where the inserted item is ChatGPT, it's been many things in the past and I'm sure it'll be many other things in the future too. The pattern of cherry-picking to sensationalize headlines is as old as headlines.

(comment deleted)
> Wow, we really are at the point where you just need to insert "ChatGPT"

Except companies with valuations in the billions should be monitoring the darkweb and automatically revoking/resetting compromised accounts. Every good-sized bank and credit card provider does it.

On the annoying side, I have a 20yo email address... A CC provider notifies me every time it sees my email on a new list. But it doesn't give the origin of the list, the site(s) that were compromised, so the notification in and of itself is almost worse than useless since it's pure noise.

Almost all of my logins are generated 30-character passwords that are from/in my Bitwarden setup. I only have about 4 I have to remember (actual computer logins for work/personal and my password for Bitwarden). Exception being streaming sites (hulu, hbo max, etc) since getting 30 characters in on a TV is a pain.

I also have a host server passphrase that is words, since in the worst case, getting the random 30 was impossible in the 30s I had to enter it on a terminal view that can't paste, I had to completely reset it once (It was when first setting it up so nothing lost), but a pain.

Visual Basic Script (VBS) files inside zip files that people opened from emails. So they probably lost a lot more than some ChatGPT creds.
(comment deleted)
I have been using iCloud's new burner email feature recently, and signed up for the gpt pro account with it. My worries are low :)
If your machine is compromised, OpenAI credentials are the least of your worries.
I wonder if these dark web account credential people ever get access to lexisnexus. That seems like a real sensitive data source that could be leaking a lot of stuff on people.
If only hackers could insert some fake data in my online accounts (hope they don't read what I posted)
It's as if this is a trap to see who actually read and comprehended the article. 3rd paragraph in...

> "Logs containing compromised information harvested by info stealers are actively traded on dark web marketplaces," Group-IB said.

Though the 4th paragraph makes it more obvious.

(comment deleted)
I expect better of tomshardware.com - this is clickbait and I think this deserves a flag and shouldn't be on the front page.
> I expect better of tomshardware.com - this is clickbait

I think pretty much every creator jumps the shark sooner or later. Like for the "screaming face previews" on YouTube, clickbait really does bait clicks.

Very poorly written article. Hard to tell what exactly happened vs headline vs various parts of the body of text