New Delhi, March 25 (SocialNews.XYZ) OpenAI, the creator of ChatGPT, has admitted that some users' payment information may have been exposed earlier this week when it took ChatGPT offline owing to a bug.
According to the company, the Microsoft-owned company took ChatGPT offline due to a bug in an open-source library which allowed some users to see titles from another active user's chat history.
"It was also possible that the first message of a newly-created conversation was visible in someone else's chat history if both users were active around the same time," said the company.
The bug has been patched and ChatGPT service and its chat history feature, with the exception of a few hours of history, have been restored.
However, upon deeper investigation, OpenAI discovered that the same bug may have caused the unintentional visibility of "payment-related information of 1.2 per cent of the ChatGPT Plus subscribers who were active during a specific nine-hour window".
"In the hours before we took ChatGPT offline, it was possible for some users to see another active user's first and last name, email address, payment address, the last four digits (only) of a credit card number, and credit card expiration date. Full credit card numbers were not exposed at any time," the company revealed.
Due to the bug, some subscription confirmation emails generated during that window were sent to the wrong users.
These emails contained the last four digits of another users' credit card number, but full credit card numbers did not appear.
"It's possible that a small number of subscription confirmation emails might have been incorrectly addressed prior to March 20, although we have not confirmed any instances of this," OpenAI further said.
The company said it has reached out to notify affected users that their payment information may have been exposed.
"We are confident that there is no ongoing risk to users' data," it added, apologising again to users and to the entire ChatGPT community.
The bug was discovered in the Redis client open-source library called "redis-py".
Source: IANS
About Gopi
Gopi Adusumilli is a Programmer. He is the editor of SocialNews.XYZ and President of AGK Fire Inc.
He enjoys designing websites, developing mobile applications and publishing news articles on current events from various authenticated news sources.
When it comes to writing he likes to write about current world politics and Indian Movies. His future plans include developing SocialNews.XYZ into a News website that has no bias or judgment towards any.
He can be reached at gopi@socialnews.xyz