Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
 [flagged] ChatGPT users' credit card details, personal information and chatlogs are LEAKED (dailymail.co.uk)
14 points by Neuro_Gear on March 25, 2023 | hide | past | favorite | 10 comments


The quality rich article I would expect from the DailyMail, also the title, very informative, not editorialized at all, yep.

Btw, only 4 digits of the card details were accessible, official announcement: https://openai.com/blog/march-20-chatgpt-outage


I hadn't heard anything about this, and perhaps would have held off from signing up if I had known.


Yeah, that's understandable, there is also a discussion going on on the fact that Sama blamed some opensource redis library for this, this stuff happens, useless drama.

But still, I would not get my news from the daily mail, right now in homepage they even have an article against the asylum seekers that from the pictures don't seem to like the amazing British cuisine. Ridiculous newspaper/site. It should be permabanned here.


The point is, they break a lot of news that gets burried on other venues.

I would rather a discussion of the article, than an attack on the publisher, which has nothing to do with the topic.


This wasn't buried by other venues, it was reported on by multiple credible publications yesterday and received little fanfare. The highlight of the entire debacle is Sam Altman trying to absolve OpenAI of responsibility by blaming one of their FOSS libraries.

https://news.ycombinator.com/item?id=35294082

https://www.theregister.com/2023/03/23/openai_ceo_leak/

https://www.pcmag.com/news/openai-confirms-leak-of-chatgpt-c...


The publisher is bad as the article, I was not attaching you personally btw, I would just suggest to search a better article for this kind of stories. The daily mail is just garbage, you can find better articles on the same event elsewhere.


As ChatGPT/OpenAI’s products grow in popularity so will its value to hackers. I have no doubt people using GPT are discussing sensitive details about operations of their business/personal lives with it.

So OpenAI should take cybersecurity seriously. Credit card details are nothing compared to the chat logs. Chat logs will be of high value.

Also I’ve seen the idea floating around, especially with typed languages like TypeScript, that developers write just the signature of function and have GPT/Copilot implement it. If developers trust the output and don’t care… What are the chances someone can trick GPT into producing unsafe code? There are attack vectors via the chat interface, training data, physical attacks via employees. Phishing an OpenAI employee to gain convert access to the infra/model.

If I was an intelligence agency, gaining covert access to OpenAI backend would be primary objective.


> We took ChatGPT offline Monday to fix a bug in an open source library... Which library was that?

Update: Nvm, it was redis-py. https://openai.com/blog/march-20-chatgpt-outage


I just signed-up for GPT Plus after weeks of deliberation. Even with this news, which seems to have been resolved, I am happy to have access to Plus. It's amazing.


dailymail.co.uk - I'm out




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: