ChatGPT Plus: some users’ payment information was visible to others
ChatGPT was disrupted on March 20, with a bug that made it possible to see other people’s histories. OpenAI wasn’t really into the details until now. This is now the case and we learn that the history accessible by others was not the only concern, it is also a question of payment information.
Open AI noted that data from 1.2% of ChatGPT Plus subscribers was visible to others earlier this week. The band says:
In the hours leading up to ChatGPT going offline on Monday, some users were able to see first and last name, email address, payment address, last four digits (only) of a phone number. credit card and credit card expiration date of another active user. The full bank card numbers were never exposed.
OpenAI estimates that the number of ChatGPT Plus users whose personal and payment information was visible during this time is “extremely weak”. Nevertheless, the company is contacting people whose information may have been leaked.
The group also admits that it has not kept its commitment to respect the privacy of users very well. “We have not respected this commitment nor met the expectations of our users”indicates OpenAI which apologizes and ensures to work “diligently to restore trust”.
Regarding the ChatGPT bug earlier this week, OpenAI reveals that it was due to the open source Redis library. This is used by the chatbot to cache user information on the OpenAI server.