ChatGPT leaks user conversations, personal information

Occurred: March 2023

ChatGPT allowed some users to see other users' conversations and personal information, suggesting OpenAI had access to user conversations, and calling into question the company's privacy duty of care.

Users had shared images of chat histories that they said were not theirs on social media sites Reddit and Twitter, prompting a flood of complaints. 

Initially, the incident appeared confined to user conversations, which OpenAI states in its ChatGPT FAQs are reviewed - most likely to improve its systems on an ongoing basis. 

However, the company later confirmed that some users' first and last names, email addresses, payment addresses, parts of credit card numbers and credit card expiration dates had also been exposed.

OpenAI disabled the chatbot to fix the error, and said that users had not been able to access full conversations. CEO Sam Altman later said the company felf 'awful' about the glitch, and that it had been fixed. 

Developer: OpenAI

Country: USA

Sector: Technology

Purpose: Generate text

Technology: Chatbot; NLP/text analysis; Neural network; Deep learning; Machine learning
Issue: Privacy

Transparency: Governance

Page info
Type: Incident
Published: September 2023
Last updated: November 2023