OpenAI API users customer data exposed after OpenAI breach
Data Leak
Summary
Hide ▲
Show ▼
OpenAI warned that API users may have had limited account and analytics data exposed after Mixpanel suffered unauthorized access. The exposure matters because the exported dataset included names, email addresses, coarse location, browser and operating-system details, which can support phishing or social engineering. The incident began on November 9, and the dataset was shared with OpenAI on November 25.
Related Happenings
OpenAI ChatGPT Atlas BioShocking fix
Advisory/Mitigation
H score34
First: 01.07.2026 00:50
Last: 01.07.2026 00:50
Sources 1
About this happening:
OpenAI delivered a **working fix** for **BioShocking** in **ChatGPT Atlas**, closing a prompt-injection path that could push an AI browser toward unsafe real-world actions and **c...
OpenAI ChatGPT Atlas BioShocking fix
Advisory/MitigationAbout this happening: OpenAI delivered a **working fix** for **BioShocking** in **ChatGPT Atlas**, closing a prompt-injection path that could push an AI browser toward unsafe real-world actions and **c...
IPhone AI chatbot traffic leak of API keys, replayable tokens, and open relays
Technical Analysis
H score27
First: 30.06.2026 16:49
Last: 30.06.2026 16:49
Sources 1
About this happening:
**LLMKeyLens** testing found **444 iPhone AI chatbot apps** leaking **paid AI access**, exposing **API keys**, **replayable tokens**, and **open relays** that let others bill mode...
IPhone AI chatbot traffic leak of API keys, replayable tokens, and open relays
Technical AnalysisAbout this happening: **LLMKeyLens** testing found **444 iPhone AI chatbot apps** leaking **paid AI access**, exposing **API keys**, **replayable tokens**, and **open relays** that let others bill mode...
Poisoned Tenant OpenAI organization invite campaign
Campaign
H score35
First: 26.06.2026 20:49
Last: 26.06.2026 20:49
Sources 1
About this happening:
The **Poisoned Tenant** campaign is using fraudulent **OpenAI organizations** to lure targeted employees into shared **ChatGPT workspaces**, creating a risk of sensitive company d...
Poisoned Tenant OpenAI organization invite campaign
CampaignAbout this happening: The **Poisoned Tenant** campaign is using fraudulent **OpenAI organizations** to lure targeted employees into shared **ChatGPT workspaces**, creating a risk of sensitive company d...
OpenAI rolls out ChatGPT Lockdown Mode and Active Sessions for prompt-injection defense and sign-in auditing
Security Tool/Service
H score10
First: 08.06.2026 17:00
Last: 08.06.2026 17:00
Sources 1
About this happening:
OpenAI rolled out **Lockdown Mode** and **Active Sessions** in **ChatGPT**, adding controls that reduce **prompt-injection data exfiltration** risk and improve **signed-in session...
OpenAI rolls out ChatGPT Lockdown Mode and Active Sessions for prompt-injection defense and sign-in auditing
Security Tool/ServiceAbout this happening: OpenAI rolled out **Lockdown Mode** and **Active Sessions** in **ChatGPT**, adding controls that reduce **prompt-injection data exfiltration** risk and improve **signed-in session...
OpenAI ChatGPT Lockdown Mode rollout limits prompt-injection exfiltration paths
Security Tool/Service
H score10
First: 06.06.2026 16:36
Last: 06.06.2026 16:36
Sources 1
About this happening:
**OpenAI ChatGPT** is rolling out **Lockdown Mode** for eligible personal accounts, reducing the risk of **prompt-injection-driven data exfiltration**. The update adds stricter li...
OpenAI ChatGPT Lockdown Mode rollout limits prompt-injection exfiltration paths
Security Tool/ServiceAbout this happening: **OpenAI ChatGPT** is rolling out **Lockdown Mode** for eligible personal accounts, reducing the risk of **prompt-injection-driven data exfiltration**. The update adds stricter li...
Timeline
-
27.11.2025 13:15 1 articles · 7mo ago
Unauthorized access to Mixpanel systems and export of API user data
Exploitation ObservedAn attacker gained unauthorized access to part of Mixpanel’s systems and exported a dataset containing limited customer identifiable information and analytics information, creating exposure risk for platform.openai.com API account records that could include names, email addresses, coarse location, operating system, browser, referring websites, and organization or user IDs.
Show sources
- OpenAI Warns of Mixpanel Data Breach Impacting API Users — www.infosecurity-magazine.com — 27.11.2025 13:15
-
27.11.2025 13:15 1 articles · 7mo ago
Mixpanel shares the exported dataset with OpenAI
Initial DisclosureAfter an internal investigation, Mixpanel shared the exported dataset with OpenAI, confirming that users of platform.openai.com’s API may have been included in the data exposure.
Show sources
- OpenAI Warns of Mixpanel Data Breach Impacting API Users — www.infosecurity-magazine.com — 27.11.2025 13:15
-
27.11.2025 13:15 2 articles · 7mo ago
OpenAI warns API users and removes Mixpanel from production services
Mitigation Patch UpdateOpenAI told API users that some data may have been exposed, said ChatGPT and core API assets were not impacted, removed Mixpanel from production services, began notifying potentially affected users and organizations, and expanded security reviews across its vendor ecosystem.
Show sources
- OpenAI Warns of Mixpanel Data Breach Impacting API Users — www.infosecurity-magazine.com — 27.11.2025 13:15
- OpenAI Warns of Mixpanel Data Breach Impacting API Users — www.infosecurity-magazine.com — 27.11.2025 13:15
-
27.11.2025 13:15 1 articles · 7mo ago
OX Security outlines Mixpanel data collection and phishing risk
Technical Analysis UpdateOX Security described the kinds of information Mixpanel can collect, including current page, operating system, browser name, referring website, device unique identifier, current page title, browser version, email, name, location information, adblock status, and screen dimensions, while OpenAI warned that compromised profile data could be used for phishing or social engineering.
Show sources
- OpenAI Warns of Mixpanel Data Breach Impacting API Users — www.infosecurity-magazine.com — 27.11.2025 13:15