A week ago, we reported the ChatGPT outage that frustrated users around the world, with over 1,000 reports of users reporting problems opening or using the bot. The outage affected both paid and free users, leading to lost conversations and general agony.
The issue was resolved soon after, but in an OpenAI post titled "March 20 ChatGPT Outage: Here's What Happened," we learned the disturbing truth behind what actually happened during the hours ChatGPT went down.
According to OpenAI, the bug allowed users to see the titles of other users' chat history, which included the first post of a newly created chat, which could be seen in someone else's history if both users were online at the same time.
So if you and I were to use ChatGPT at the same time, there was a chance that you would have my chat details on your screen and vice versa. Creepy and a bit disconcerting. Users also lost some chat history that was restored after the bug was fixed, except for a few hours of history, presumably around the bug.
However, perhaps the most concerning issue reported by OpenAI is that the same bug "may have caused unwanted visibility of payment-related information for the 1,2% of ChatGPT Plus subscribers who were active during a specific window." nine hours." .
a disturbing confession
OpenAI explained that in the hours before ChatGPT went offline, some users might see first and last names, email addresses, payment addresses, and the last four digits of a credit card and credit card expiration date. another active user.
OpenAI clarified that the probability of a person's data being revealed to another user is very low, since they would have to meet very specific criteria. This includes opening a subscription email that was sent between 1am and 10am PT (that is, when the bug meant those emails were going to the wrong users).
The second criteria would have been for users to click "Manage My Subscription" between 1:00 am and 10:00 am Pacific Time. During this window, your first and last name, email address, payment address, credit card expiration date, and the last four digits of your credit card number would have been visible to another active user.
OpenAI has contacted affected users and is confident that "there is no continued risk to user data." If you're concerned about your payment information being exposed, the only real solution is to remove your payment information from your OpenAI account or contact your bank to check for suspicious activity if you think your information may have been among those exposed. .