1. SEJ
  2.  ⋅ 
  3. Generative AI

Massive Leak Of ChatGPT Credentials: Over 100,000 Accounts Affected

Over 100,000 ChatGPT accounts were breached by info stealers, prompting calls for enhanced password practices and two-factor authentication.

  • Over 100,000 OpenAI ChatGPT account credentials were compromised and sold on dark web marketplaces from June 2022 to May 2023.
  • Info stealers such as Raccoon, Vidar, and RedLine are largely responsible for these breaches.
  • To prevent further breaches, users are advised to follow good password hygiene and enable two-factor authentication.

In a striking revelation, more than 100,000 OpenAI ChatGPT account credentials have surfaced on illicit dark web marketplaces within the span of a year, from June 2022 to May 2023.

According to a report by Group-IB, these credentials were unearthed within logs of stolen information which were subsequently offered for sale on underground cybercrime platforms.

Users Affected Worldwide

India bore the brunt of this breach, with 12,632 stolen credentials traced back to the country.

This highlights the rapid adoption of ChatGPT in India. Many Indian tech companies have integrated ChatGPT to improve customer service and employee productivity.

Several other countries follow closely. Pakistan, Brazil, Vietnam, Egypt, the U.S., France, Morocco, Indonesia, and Bangladesh are the most affected.

The widespread impact indicates the popularity of ChatGPT across cultures and regions.

Behind the Breach: The Role of Info Stealers

Info stealers have grown in popularity among cybercriminals due to their capability to seize passwords, cookies, credit cards, and other vital information from browsers and cryptocurrency wallet extensions.

The success of info stealers suggests people aren’t practicing good cyber hygiene, like using unique passwords and enabling two-factor authentication.

Logs containing compromised information harvested by info stealers are readily traded on dark web marketplaces.

Law enforcement struggles to curb illicit transactions on the dark web, which has become a hub for cybercriminal activities due to the anonymity it provides.

Risks Of ChatGPT Integration & Need For Secure Practices

“Many enterprises are integrating ChatGPT into their operational flow,” notes Dmitry Shestakov, head of threat intelligence at Group-IB.

This highlights how AI is transforming businesses but also introducing new risks.

In light of these risks, Shestakov recommends users follow proper password safety practices and secure their accounts with two-factor authentication (2FA) to thwart account takeover attacks.

Enabling 2FA is one of the best ways users can protect their accounts since it requires not just the password but also another piece of information like a security code sent to the user’s phone.

In Summary

This incident underscores the urgent need for enhanced security practices in a world increasingly dependent on AI and digital interactions.

As cybercriminals evolve their tactics, public awareness about cyber risks and how to mitigate them becomes more critical.

Regardless of the tools you use, stay vigilant and prioritize secure practices to avoid becoming an easy target.

Featured Image: BRO.vector/Shutterstock

Category News Generative AI
SEJ STAFF Matt G. Southern Senior News Writer at Search Engine Journal

Matt G. Southern, Senior News Writer, has been with Search Engine Journal since 2013. With a bachelor’s degree in communications, ...

Massive Leak Of ChatGPT Credentials: Over 100,000 Accounts Affected

Subscribe To Our Newsletter.

Conquer your day with daily search marketing news.