TECHNOLOGY- OpenAI has announced new details about why it took ChatGPT offline on Monday, and it’s now saying that some users’ payment information may have been exposed during the incident.
According to a post from the company, a bug in an open-source library called redis-py created a caching issue that may have shown some active users the last four digits and expiration date of another user’s credit card, along with their first and last name, email address, and payment address. Users also may have seen snippets of others’ chat histories as well.
This isn’t the first time caching issues have caused users to see each other people’s data — famously, on Christmas Day in 2015, Steam users were served pages with information from other users’ accounts.
There is some irony in the fact that OpenAI puts a lot of focus and research into figuring out the potential security and safety ramifications of its AI, but that it was caught out by a very well-known security issue.
The company says the payment info leak may have affected around 1.2 percent of ChatGPT Plus who used the service between 4 AM and 1 PM ET on March 20th.
