OpenAI says no user data breached after security issue with open-source library

May 14 : OpenAI said on Wednesday it found no evidence that its user data was accessed after a security issue involving a supply-chain attack on TanStack npm, an open-source library. Here are some details:• The ChatGPT-maker said it found no evidence that its production systems or intellectual property were compromised, or that their software was altered• OpenAI said two employee devices in its corporate environment were impacted after TanStack, a widely used open-source library, got compromised earlier this week

• Limited credential material was exfiltrated from these code repositories and no other information or code was impacted, OpenAI said• The AI firm said that it isolated the impacted systems immediately after the attack and temporarily restricted code-deployment workflows, to contain impact• OpenAI said it is rotating code-signing certificates, which would require macOS users to update their applications• OpenAI did not immediately respond to a Reuters request for further details

OpenAI says no user data breached after security issue with open-source library

Other newsrooms on this story

Related reading

OpenAI confirms security breach in TanStack supply chain attack

Other newsrooms on this story

Related reading

OpenAI confirms security breach in TanStack supply chain attack

OpenAI identifies security issue involving third-party tool, says user data was…

OpenAI says hackers stole some data after latest code security issue |…

OpenAI caught in TanStack npm supply chain chaos after employee devices…

TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS…

OpenAI vows safety policy changes after Tumbler Ridge shooting