A reader of ArsTechnica was receiving the personal data of other users, including account passwords and unpublished research papers. According to the latest report from Ars Technica, the cause of those ChatGPT histories were caused by a compromised account.
A representative from OpenAI told ArsTechnica, "we consider it an account take over in that it’s consistent with activity we see where someone is contributing to a ‘pool’ of identities that an external community or proxy server uses to distribute free access. The investigation observed that conversations were created recently from Sri Lanka. These conversations are in the same time frame as successful logins from Sri Lanka.”
If your OpenAI account is hacked, any personal data shared in your chat histories can be mined by hackers. This makes perfect sense, but the idea that you could access information from other compromised accounts is out of the ordinary when it comes to security threats.
How to protect your OpenAI account
As OpenAI does not provide multi-factor authentification, you need to make sure you use a strong password to keep your ChatGPT history protected.
Like with any online account, you want to follow the basic password security steps for your OpenAI account like you would with any other online account.
- at least 12-16 characters in length
- use a combination of upper and lower case, numbers, and symbols
- unique - not shared with any other accounts
- use a passphrase that is easy to remember but hard to guess
- change your password frequently
Of course, most people don't want to memorize a lengthy passphrase using a combination of letters, numbers, symbols, and cases. Not to mention a new passphrase for every account.
Which is why password managers exist. If you don't use the built-in password manager for your phone, laptop, or browser – take a look at our Best password managers page for help finding the best possible solution for your needs.
If you suspect any account may be compromised, be sure to change your password immediately to a long, unique passphrase.