Chris Swagler | March 31st, 2023


OpenAI, the creator of ChatGPT, has confirmed that a bug in an open-source library caused a data breach, after a cybersecurity company discovered that a recently released component is vulnerable to an actively exploited vulnerability. OpenAI announced that it had taken the chatbot offline earlier in the week while it worked with the Redis data platform maintainers to patch the vulnerability that exposed users’ information. The problem was caused by a change OpenAI made on March 20 that affected ChatGPT’s use of Redis-py, an open-source Redis client library. To avoid querying the database on every request, the chatbot’s creators used Redis to cache user information on their servers; Redis-py provides the Python interface to it. Because of the OpenAI vulnerability, ChatGPT users were shown chat data belonging to other users.
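The failure mode described above is a caching layer handing one user a payload that belongs to another. The example below is added here to illustrate one defensive pattern against that class of bug; it is not OpenAI's or redis-py's code and does not attempt to reproduce the actual Redis-py defect. The `FakeCache` and `MisroutingCache` classes are constructed stand-ins for a Redis client so the example runs offline, and the `ChatCache` API and its field names are assumptions. The point it demonstrates is that binding the owner's identity inside the cached value, not only in the key, lets the read path fail closed when the client layer returns a response meant for someone else.

```python
"""Owner-bound cache entries: fail closed when a cached payload does not
belong to the requesting user.  Added illustration, not code from the
page, OpenAI, or redis-py.  The cache classes are constructed stand-ins
for a Redis client so the example runs offline."""
from __future__ import annotations

import json
from dataclasses import dataclass


class FakeCache:
    """Minimal stand-in for a Redis client's get/set (constructed)."""

    def __init__(self) -> None:
        self._store: dict[str, bytes] = {}

    def set(self, key: str, value: bytes) -> None:
        self._store[key] = value

    def get(self, key: str) -> bytes | None:
        return self._store.get(key)


class MisroutingCache(FakeCache):
    """Constructed fault model: every read returns the response that was
    meant for the *previous* caller, the kind of request/response
    desynchronisation a client-library bug can introduce."""

    def __init__(self) -> None:
        super().__init__()
        self._pending: bytes | None = None

    def get(self, key: str) -> bytes | None:
        current = super().get(key)
        stale, self._pending = self._pending, current
        return stale


class CacheOwnershipError(Exception):
    """Raised when a cached payload is not bound to the requesting user."""


@dataclass(frozen=True)
class ChatSummary:
    owner_id: str
    titles: tuple[str, ...]


class ChatCache:
    """Hypothetical cache of per-user chat titles (assumed API)."""

    def __init__(self, client: FakeCache) -> None:
        self._client = client

    @staticmethod
    def _key(user_id: str) -> str:
        return f"chat_titles:{user_id}"

    def put(self, summary: ChatSummary) -> None:
        # The owner is serialised inside the value as well as in the key,
        # so a key/value mix-up can be detected on the read side.
        payload = json.dumps(
            {"owner_id": summary.owner_id, "titles": list(summary.titles)}
        ).encode()
        self._client.set(self._key(summary.owner_id), payload)

    def get(self, user_id: str) -> ChatSummary | None:
        raw = self._client.get(self._key(user_id))
        if raw is None:
            return None
        data = json.loads(raw)
        # Fail closed: never hand back another user's data, even when the
        # client layer returned the wrong response for this key.
        if data.get("owner_id") != user_id:
            raise CacheOwnershipError(
                f"entry requested for {user_id!r} carries owner {data.get('owner_id')!r}"
            )
        return ChatSummary(owner_id=user_id, titles=tuple(data["titles"]))


def demo() -> dict[str, object]:
    """Run the healthy path and the misrouting path; return what happened."""
    result: dict[str, object] = {}

    healthy = ChatCache(FakeCache())
    healthy.put(ChatSummary("alice", ("Trip planning", "Regex help")))
    healthy.put(ChatSummary("bob", ("Tax question",)))
    result["alice_titles"] = healthy.get("alice").titles

    faulty = ChatCache(MisroutingCache())
    faulty.put(ChatSummary("alice", ("Trip planning",)))
    faulty.put(ChatSummary("bob", ("Tax question",)))
    faulty.get("alice")  # nothing pending yet, so this read yields None
    try:
        faulty.get("bob")  # receives alice's payload: must be rejected
        result["crosstalk_caught"] = False
    except CacheOwnershipError:
        result["crosstalk_caught"] = True
    return result


if __name__ == "__main__":
    print(demo())
```

The ownership check costs one field comparison per read and turns a silent disclosure into a logged exception that a SOC can alert on; it does not fix the underlying client bug, which still needs the upstream patch.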

Investigation Into ChatGPT Breach

OpenAI’s investigation revealed that the data breach exposed the titles of active users’ chat history and the first message of newly created conversations. The vulnerability also exposed payment-related information for 1.2% of ChatGPT Plus subscribers, including their names, email addresses, payment addresses, payment card expiration dates, and the last four digits of their card numbers. This information could have been included in subscription confirmation emails sent on March 20 and displayed on the subscription management page of ChatGPT accounts that day. OpenAI verified that the information was disclosed within a nine-hour window on March 20, but admitted that information could have been leaked earlier. It notified affected users that their payment information may have been compromised and assured them there was no ongoing risk to their data.

In addition to the ChatGPT security issue, a threat intelligence company issued a warning about a new ChatGPT feature that extends the chatbot’s information collection capabilities through plugins. OpenAI’s code examples for customers who want to integrate their plugins with the feature include a Docker image for the MinIO distributed object storage system. CVE-2022-28432, a potentially critical information disclosure vulnerability, affects the Docker image version used in OpenAI’s example, release 2022-03-17. The vulnerability can be exploited to obtain secret keys and root passwords, and exploitation attempts have already been observed. Although there is no evidence that any specific threat operator is targeting ChatGPT sample instances, the vulnerability is being actively exploited in the wild, and when threat operators scan for and exploit vulnerable services in bulk, everything is in scope, including any deployed ChatGPT plugin that uses the outdated version of MinIO.
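The practical defender's task here is inventory: find every Dockerfile or compose file that pins a MinIO server image and flag releases older than the fixed one. The script below is an added example, not code from the page, OpenAI, MinIO or SpearTip. It relies on MinIO tagging its images `RELEASE.YYYY-MM-DDTHH-MM-SSZ`, so "older than the fix" reduces to a timestamp comparison. The `MINIMUM_RELEASE` value is a deliberately synthetic placeholder, not the real fixed release for the CVE; take that from the vendor advisory. The manifest contents and their release tags are constructed sample input.

```python
"""Flag container manifests that pin an outdated or unpinned MinIO server
image.  Added example; MINIMUM_RELEASE is a PLACEHOLDER to be replaced
with the fixed release named in the vendor advisory for the CVE."""
from __future__ import annotations

import re
from datetime import datetime, timezone

# PLACEHOLDER threshold (all-zero time makes it obviously synthetic).
MINIMUM_RELEASE = "RELEASE.2022-04-01T00-00-00Z"

RELEASE_RE = re.compile(r"^RELEASE\.(\d{4}-\d{2}-\d{2}T\d{2}-\d{2}-\d{2})Z$")
# "FROM <ref>" in Dockerfiles and "image: <ref>" in compose files.
IMAGE_REF_RE = re.compile(r"^\s*(?:FROM|image:)\s+(\S+)", re.IGNORECASE | re.MULTILINE)

# Constructed sample manifests (not from any real deployment).
SAMPLE_MANIFESTS = {
    "Dockerfile": (
        "FROM minio/minio:RELEASE.2022-03-17T06-34-49Z\n"
        'CMD ["server", "/data"]\n'
    ),
    "docker-compose.yml": (
        "services:\n"
        "  minio:\n"
        "    image: quay.io/minio/minio:RELEASE.2022-05-01T00-00-00Z\n"
        "  minio-legacy:\n"
        "    image: minio/minio\n"
        "  mc:\n"
        "    image: minio/mc:RELEASE.2022-05-01T00-00-00Z\n"
        "  app:\n"
        "    image: python:3.11-slim\n"
    ),
}


def parse_release(tag: str) -> datetime | None:
    """Turn a MinIO RELEASE.<timestamp>Z tag into a UTC datetime, or None."""
    m = RELEASE_RE.match(tag)
    if not m:
        return None
    return datetime.strptime(m.group(1), "%Y-%m-%dT%H-%M-%S").replace(tzinfo=timezone.utc)


def split_ref(ref: str) -> tuple[str, str]:
    """Split image:tag, treating a colon that belongs to a registry port
    (e.g. localhost:5000/minio/minio) as part of the image name."""
    image, sep, tag = ref.rpartition(":")
    if not sep or "/" in tag:
        return ref, "latest"
    return image, tag


def minio_refs(text: str) -> list[tuple[str, str]]:
    """(image, tag) for every MinIO *server* image referenced in text."""
    refs = []
    for ref in IMAGE_REF_RE.findall(text):
        image, tag = split_ref(ref)
        if image.split("/")[-2:] == ["minio", "minio"]:
            refs.append((image, tag))
    return refs


def scan(manifests: dict[str, str], minimum_tag: str) -> list[tuple[str, str, str]]:
    """Return (file, reference, verdict) where verdict is 'outdated', 'ok'
    or 'unpinned' (no parseable release, so it cannot be verified)."""
    minimum = parse_release(minimum_tag)
    if minimum is None:
        raise ValueError(f"minimum release tag is not a MinIO RELEASE tag: {minimum_tag!r}")
    findings = []
    for name, text in manifests.items():
        for image, tag in minio_refs(text):
            release = parse_release(tag)
            if release is None:
                verdict = "unpinned"
            elif release < minimum:
                verdict = "outdated"
            else:
                verdict = "ok"
            ref = image if tag == "latest" else f"{image}:{tag}"
            findings.append((name, ref, verdict))
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_MANIFESTS, MINIMUM_RELEASE):
        print(*finding)
```

An unpinned image is reported rather than silently passed: `latest` may or may not be patched at any given pull, which is exactly the ambiguity a vulnerability assessment should surface.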

With technology evolving more rapidly than ever, threat operators will continue to find new ways to exploit potential vulnerabilities. That is why companies must regularly patch their software and applications to prevent future cyberattacks and stay informed about the current threat landscape. At SpearTip, network vulnerability assessments are an important part of the risk management process and should be conducted regularly to ensure devices on your network are not exposed to known vulnerabilities. We comprehensively identify, classify, and analyze known and potential vulnerabilities, then provide actionable solutions to eliminate future cybersecurity problems. We uncover gaps in access controls, recommend necessary patch updates, and assess the overall strength of application security, ensuring that the tools your company relies on are working securely for your business.

If your company is experiencing a breach, call our Security Operations Centers at 833.997.7327 to speak directly with an engineer.
