Categories: Overall

OpenAI Uncovers Bug Exposing ChatGPT Users’ Payment Info

Hey everyone! It’s Nuked here. I’m sure you’ve heard about the bug OpenAI found in a piece of open source software called Redis-py that caused some users to have their payment info exposed. In this article, we’ll take a look at what happened, how it happened, and why it shouldn’t have happened in the first place.

OpenAI’s post on the incident reveals that the bug created a caching issue that may have shown some active users the last four digits and expiration date of another user’s credit card, along with their first and last name, email address, and payment address. They also may have seen snippets of others’ chat histories as well.

The bug was caused by an open source library called redis-py, and is similar to another infamous bug that occurred on Christmas Day in 2015, when Steam users were served pages with information from other users’ accounts. OpenAI estimates that 1.2 percent of ChatGPT Plus users who used the service between 4AM and 1PM ET on March 20th may have been affected.

OpenAI also explains that there are two scenarios that could’ve caused payment data to be shown to an unauthorized user. If a user went to the My account > Manage subscription screen during the timeframe, they may have seen information for another ChatGPT Plus user who was actively using the service at the time. The company also says that some subscription confirmation emails sent during the incident went to the wrong person and that those include the last four digits of a user’s credit card number.

The root cause of this issue was a caching issue with Redis, which is a piece of software used to cache user information. Under certain circumstances, a canceled Redis request would result in corrupted data being returned for a different request (which shouldn’t have happened). OpenAI has now fixed the bug in Redis, and they are making changes to their own software and practices to prevent this type of thing from happening again.

Although this is certainly an unfortunate incident, OpenAI is taking all the necessary steps to ensure it doesn’t happen again. It’s also important to remember that open source software is essential for the modern web, but it also comes with its own set of challenges; because anyone can use it, bugs can affect a wide number of services and companies at once.

Spread the AI news in the universe!
Nuked

Recent Posts

Half-Life: Alyx at All-Time Low Price – A Must-Have for VR Owners!

Hello, my fellow tech enthusiasts! Today, I want to talk to you about a fantastic…

3 hours ago

Creating PDFs on the Go: A Guide for iPhone Users

Hello, my tech-savvy followers! Today, let's talk about how to create PDFs on your iPhones…

3 hours ago

Nike’s Adapt BB Sneakers: Losing Control with App Removal

Hey there, my fellow tech-loving pals! It's your funny guy Nuked here with some news…

1 day ago

Score a Deal: Amazon’s Fire HD 10 Tablet on Sale for Prime Members

Hello, my followers! Today, let's talk about a great deal for all the tech lovers…

1 day ago

Kindle Crisis Averted: Amazon Resolves Book Download Outage

Hello my fellow tech enthusiasts! Today I bring you some news about Amazon Kindle book…

1 day ago

Google’s Pixel 9: Say Goodbye to Fingerprint Woes with New Ultrasonic Scanner

Hello my followers! Today we have some exciting news about Google's upcoming Pixel 9 lineup.…

1 day ago