Hot
Video
Sports
Cricket
Entertainment
Technology
Health
Lifestyle
Auto
Business
Education
National
World
Politics
Travel
Food
OpenAI Data Leak: ChatGPT users' personal information at risk, API user data leaked due to third-party error..
Shikha Saxena November 28, 2025 05:15 PM

OpenAI has reported that the personal data of some customers connected to its API platform may have been exposed in a cyberattack on a third-party platform. According to the company, the breach occurred not on its own systems but on the platform of its partner, Mixpanel, which OpenAI used to understand usage patterns of its API services.

API Users' Data Leaked
The incident occurred on November 9, 2025, when a hacker infiltrated Mixpanel's systems. On November 25, Mixpanel informed OpenAI of the breach and shared a dataset containing data from several API customers. According to OpenAI, the stolen data included usernames, email addresses, browser and operating system information, and organization or user IDs associated with API accounts. It is a matter of relief that OpenAI's own systems or servers were not affected by the attack.

ChatGPT Users Safe
The company clarified that the breach only involved API customers. No data from ChatGPT or other front-end products was affected. Additionally, there has been no confirmation of any theft of chat content, passwords, API keys, payment information, or login credentials. However, the company did not specify how many API customers' data were compromised.

OpenAI terminates partnership with Mixpanel.
Following the incident, OpenAI immediately removed Mixpanel from its production systems and initiated an internal security review. A company representative stated that OpenAI is now working with Mixpanel and other partners to understand the cause and full extent of the breach.

API customers advised to remain vigilant
OpenAI has begun sending emails to affected organizations, administrators, and users informing them of the breach. Developers are advised to be wary of any unknown emails or messages and to ensure any notifications are sent from the genuine OpenAI domain. The company said it never asks for passwords, API keys, or verification codes via email and urged users to enable MFA (Multi-Factor Authentication) to enhance security.

Disclaimer: This content has been sourced and edited from Amar Ujala. While we have made modifications for clarity and presentation, the original content belongs to its respective authors and website. We do not claim ownership of the content.

You might like
Strictly Come Dancing's Karen Hauer breaks down in tears over co-star's death
Union Home Minister Amit Shah leaves for Raipur for 3-day DGP-IGP Conference
J-K: Jamaat-e-Islami-linked locations raided across Kashmir as crackdown intensifies
Scott McTominay reaction speaks volumes as Italian media deliver clear verdict
Deepti Sharma Leads the Charge in WPL 2026 Auction with Record-Breaking Bid
© Copyright @2025 LIDEA. All Rights Reserved.