Are You Sharing Too Much Information with ChatGPT?

Hackers have figured out how a to look at everything you have been asking ChatGPT and see the answers.

Instead of attackers using ChatGPT to cause cyber attacks, they have turned the technology on itself. OpenAI, which developed the chatbot, confirmed a data breach of the system, according to Security Week. The breach took the service offline until it was fixed.

ChatGPT has quickly becameย the fastest-growing consumer appย in history, reaching over ๐Ÿ๐ŸŽ๐ŸŽ ๐ฆ๐ข๐ฅ๐ฅ๐ข๐จ๐ง ๐ฆ๐จ๐ง๐ญ๐ก๐ฅ๐ฒ ๐ฎ๐ฌ๐ž๐ซ๐ฌ by January. Approximately 13 million people used the AI technology daily within a full month of its release. Letโ€™s compare that to another extremely popular app โ€” TikTok โ€” which took ๐—ก๐—œ๐—ก๐—˜ ๐— ๐—ข๐—ก๐—ง๐—›๐—ฆ to reach similar user numbers.

Anytime you have a popular app or technology, itโ€™s only a matter of time until Hackers start targeting it. For ChatGPT, the exploit came via a vulnerability in the Redis open-source library. This allowed users to see the chat history of other active users.

Because thousands of contributors develop and have access to the open-sourceย code that makes up ChatGPT, itโ€™s easy for vulnerabilities to go unnoticed. Hackers are very aware of this fact, which is why attacks on open-source libraries haveย increased by 742%ย since 2019.

The ChatGPT exploit has been classified as minor, and OpenAI was able to patch the bug within days. But we have to keep in mind even a minor cyber incident can create a lot of damage.

This was considered to be a ๐ฌ๐ฎ๐ซ๐Ÿ๐š๐œ๐ž-๐ฅ๐ž๐ฏ๐ž๐ฅ ๐ข๐ง๐œ๐ข๐๐ž๐ง๐ญ. But as researchers from OpenAI looked closer, they discovered the same vulnerability was likely responsible for Hackers being able to look at ๐œ๐ฎ๐ฌ๐ญ๐จ๐ฆ๐ž๐ซ ๐ฉ๐š๐ฒ๐ฆ๐ž๐ง๐ญ ๐ข๐ง๐Ÿ๐จ๐ซ๐ฆ๐š๐ญ๐ข๐จ๐ง for a few hours before ChatGPT was taken offline.

โ€œIt was possible for some users to see another active userโ€™s first and last name, email address, payment address, the last four digits (only) of a credit card number and credit card expiration date. Full credit card numbers were not exposed at any time,โ€ OpenAI said in aย releaseย about the incident.

There are some potentially huge privacy concerns surrounding the use of chatbots. The AI technology stores vast amounts of data and then uses that information to generate responses to questions and prompts. And anything in the chatbotโ€™s memory becomes fair game for other users.

For example, chatbots can record a single userโ€™s notes on any topic and then summarize that information or search for more details. But if those notes include sensitive data โ€” an organizationโ€™s intellectual property or sensitive customer information, for instance โ€” it enters the chatbot library. The person no longer has control over that information.

Because of these privacy concerns, some businesses and entire countries are restricting access or blocking it altogether.