CyberHappenings logo
Home Browse About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

ChatGPT worldwide outage and data loss reported

First reported
Last updated
1 unique sources, 2 articles

Summary

Hide ▲

OpenAI's ChatGPT service experienced a worldwide outage, with users reporting errors and disappearing conversations. The cause of the disruption remains unclear, and OpenAI has acknowledged the issue and is working on a fix. Approximately 30,000 users were affected, encountering errors such as 'something seems to have gone wrong' and 'There was an error generating a response.' Some users also noted that their conversations disappeared and new messages failed to load. ChatGPT has started to come back online as of 15:14 ET, but it's still slow.

Timeline

  1. 02.12.2025 21:52 2 articles · 23h ago

    ChatGPT experiences worldwide outage with data loss reports

    Users worldwide report that ChatGPT is down, encountering errors and disappearing conversations. Approximately 30,000 users are affected, and OpenAI has acknowledged the issue and is working on a fix. ChatGPT has started to come back online as of 15:14 ET, but it's still slow.

    Show sources
    Open in new tab

Information Snippets

Similar Happenings

Microsoft Defender XDR Portal Outage Affects Threat Hunting Alerts

Microsoft Defender XDR portal experienced an outage lasting over 10 hours, disrupting access to security alerts and other features. The issue was caused by a traffic spike leading to high CPU utilization. Microsoft applied mitigation measures, and some customers have reported resolution, but a small number still face issues. The outage impacted advanced threat-hunting alerts and device visibility, affecting security operations for affected organizations.

Open in new tab

Mixpanel Data Breach Exposes OpenAI API User Information

OpenAI has disclosed that a data breach at Mixpanel, a third-party analytics provider, exposed limited customer identifiable information and analytics data of some OpenAI API users. The breach occurred between November 9 and 25, 2025, and resulted from a smishing (SMS phishing) campaign detected on November 8, 2025. Affected data includes names, email addresses, approximate locations, operating systems, browsers, referring websites, and organization or user IDs associated with API accounts. OpenAI has removed Mixpanel from its services and is conducting additional security reviews across its vendor ecosystem. The company is notifying potentially affected users and advising them to be vigilant against phishing and social engineering attacks. OpenAI emphasized that no chat content, API usage data, passwords, credentials, API keys, payment details, or government IDs were compromised. CoinTracker, a cryptocurrency portfolio tracker and tax platform, has also been impacted, with exposed data including device metadata and limited transaction count.

Open in new tab

Uhale Android-based photo frames deliver malware on boot

Uhale Android-based digital picture frames have been found to download and execute malware on boot due to multiple critical security vulnerabilities. The issues were reported to the manufacturer, ZEASN (now Whale TV), but went unaddressed. The malware is linked to the Mezmess and Voi1d families. The devices also have multiple security gaps, including disabled SELinux, rooted systems, and use of AOSP test-keys. The vulnerabilities allow for remote code execution, command injection, and unauthorized file access. The exact number of affected users is unknown due to the devices being sold under various brands.

Open in new tab

ShadowLeak: Undetectable Email Theft via AI Agents

A new attack vector, dubbed ShadowLeak, allows hackers to invisibly steal emails from users who integrate AI agents like ChatGPT with their email inboxes. The attack exploits the lack of visibility into AI processing on cloud infrastructure, making it undetectable to the user. The vulnerability was discovered by Radware and reported to OpenAI, which addressed it in August 2025. The attack involves embedding malicious code in emails, which the AI agent processes and acts upon without user awareness. The attack leverages an indirect prompt injection hidden in email HTML, using techniques like tiny fonts, white-on-white text, and layout tricks to remain undetected by the user. The attack can be extended to any connector that ChatGPT supports, including Box, Dropbox, GitHub, Google Drive, HubSpot, Microsoft Outlook, Notion, or SharePoint. The ShadowLeak attack targets users who connect AI agents to their email inboxes, such as those using ChatGPT with Gmail. The attack is non-detectable and leaves no trace on the user's network. The exploit involves embedding malicious code in emails, which the AI agent processes and acts upon, exfiltrating sensitive data to an attacker-controlled server. OpenAI acknowledged and fixed the issue in August 2025, but the exact details of the fix remain unclear. The exfiltration in ShadowLeak occurs directly within OpenAI's cloud environment, bypassing traditional security controls.

Open in new tab

ChatGPT downgrade attack via prompt manipulation

A new technique called PROMISQROUTE allows attackers to downgrade ChatGPT to less secure models by manipulating prompts. This technique exploits ChatGPT's routing mechanism, which directs prompts to different models based on complexity and task type. The downgraded models are more susceptible to jailbreak attacks, posing a security risk. The vulnerability arises because ChatGPT uses a routing layer to direct prompts to appropriate models, including older, less secure versions. Attackers can influence this routing by adding specific phrases or keywords to their prompts, tricking the system into using less secure models. The impact of this attack includes the potential for malicious actors to bypass security measures and exploit vulnerabilities in older models. OpenAI has acknowledged the issue but has not provided a detailed solution.

Open in new tab