Another day, another security breach. This time, it's OpenAI's turn.
Today, users are waking up to discover emails from OpenAI's security team, confirming more security issues at the company. This one is a bit more egregious than previous breaches, exposing emails, names, and approximate locations of an undisclosed number of users.
- Names provided to accounts on platform.openai.com
- Email addresses linked to the API accounts via platform.openai.com
- "Coarse approximate location" determined by IP address and web browser
- OS and browser type, as well as referring websites
- Organizataions and user IDs saved into the API accounts
The email to affected users reads as follows.
"Transparency is important to us, so we want to inform you about a recent security incident at Mixpanel, a data analytics provider that OpenAl used for web analytics on the frontend interface for our API product (platform.openai.com). The incident occurred within Mixpanel's systems and involved limited analytics data related to your API account.
This was not a breach of OpenAl's systems. No chat, API requests, API usage data, passwords, credentials, API keys, payment details, or government IDs were compromised or exposed.
On November 9, 2025, Mixpanel became aware of an attacker that gained unauthorized access to part of their systems and exported a dataset containing limited customer identifiable information and analytics information. Mixpanel notified OpenAl that they were investigating, and on November 25, 2025, they shared the affected dataset with us."
OpenAI says it has shut down its interfacing with Mixpanel while it "investigates" the breach, and urges users to be additionally vigilant of phishing-type attacks and social engineering scams that might attempt to leverage the stolen data.
OpenAI controls vast swathes of very personal information on millions of people
It's not the first time OpenAI has been in hot water for its cavalier attitude towards user privacy and safety. As individuals become increasingly comfortable to bear their souls (and potentially confidential organizational data) with ChatGPT and other similar systems, security is becoming an increasingly hot topic for companies like OpenAI and Microsoft.
While no ChatGPT conversations or governmental IDs used for age verification were leaked in this breach, it's not exactly a huge vote of confidence that the firm allowed for something like this to happen in the first place.
Data breaches of this type are incredibly common these days. I often use a variety of email aliases on my accounts to prevent potential breaches leading to all of my accounts becoming compromised, but it's a laborious process. Losing the anonymity of your account information is one thing, but I presume there are many ChatGPT users out there who probably wouldn't like their AI conversations leaked onto the web for a variety of reasons.
It's encouraging that OpenAI informed users just two days after receiving the affected user data set, but it would be ideal if things like this didn't happen at all.
Remember to slap multi-factor authentication on all of your accounts, folks.
More Black Friday 2025 - quick links
- All our TOP recommended Black Friday deals: Just the best
- Mini PC deals: up to 47% off tiny PCs
- GPU deals: early price drops on NVIDIA RTX before they go up
- Microsoft Surface deals: save up to $500 on premium PCs
- Xbox accessories: best deals on gadgets for your Xbox Series X|S and PC
- Gaming laptop deals: the best laptops for the best price
- Xbox controllers: our top picks for best controller deals
- ANC headphones: great Black Friday deals on the best ANC headphones
Even more Black Friday deals: - Samsung monitors: the best Samsung display deals we've found
- Walmart: 7 top laptop deals you shouldn't miss
- Retro gaming: handhelds, arcade machines, old school consoles, and more
- Gamer merch: Blizzard’s Warcraft, Overwatch, and Diablo IV collectibles
- Game keys: 10 PC game codes are even cheaper at Loaded (formerly CDKeys)
- Accessories: Even more PC accessories starting at $17
Follow Windows Central on Google News to keep our latest news, insights, and features at the top of your feeds!
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
