Science and TechData Privacy and Cybersecurity

Actions

Cybersecurity firm finds compromised ChatGPT accounts on dark web

Group-IB, a cybersecurity firm, reports that more than 26,000 compromised ChatGPT accounts were detected on the dark web in May.
ChatGPT app seen on an iPhone.
Posted

Thousands of ChatGPT accounts may be at risk.

Group-IB, a cybersecurity firm, reports that more than 26,000 compromised ChatGPT accounts were detected on the dark web in May and were being offered for sale. 

There's concern about the type of information hackers could obtain through these various compromised accounts. According to Group-IB, more employers are using ChatGPT to optimize their work. Entries into the chatbot could include sensitive or proprietary information. 

ChatGPT app on an iPhone

Experts: US needs to take steps to regulate rapidly-evolving AI

How worried should Americans be about A.I. and its future potential?

LEARN MORE

Several major companies have been wary of using ChatGPT to help optimize their services. According to The Wall Street Journal, Apple restricted use of ChatGPT. Other companies that have banned the app include Verizon and JPMorgan Chase.

Group-IB cautions everyday users about a type of malware known as "info stealers." The cybersecurity firm says the malware collects data that is stored in browsers. It can also collect data from instant messengers and emails. Hackers likely used this type of malware to obtain users' ChatGPT credentials.

"This type of malware infects as many computers as possible through phishing or other means in order to collect as much data as possible," Group-IB said.

The Federal Trade Commission says people can protect against malware by not clicking on links in emails or text messages. The agency says, instead, to go directly to the link. It also recommends avoiding pop-ups or ads that refer to your computer's performance.

The homepage of the CISA website.

US government agencies targeted in global cyberattacks, officials say

Officials say the perpetrators have not leaked any information or data that they may have taken during the breach.

LEARN MORE