100,000 ChatGPT accounts have been stolen over the past year

The world is no stranger to cyber-attacks and data leaks. Reddit is currently going through a large data leak, and we’ve seen other major tech brands hacked over the last year. Well, according to a new report, it seems that more than 100,000 ChatGPT users have had their accounts stolen over the past year.

While ChatGPT only launched just shy of eight months ago, there were still active accounts months before the November 2022 launch date. So, while it wasn’t available to the public for a full year, there were still accounts stolen from a year ago.

More than 100,00 ChatGPT accounts were stolen

This news comes to us from cybersecurity firm Group-IB (via Bleeping Computer), and it paints a pretty grim picture. Over the past several months, hackers were able to steal credentials from more than 100,000 individual accounts.

Group-IB looked at accounts between June 2022 and May 2023, and the number of stolen accounts peaked just this May. During the month, more than 28,000 accounts had their data compromised. So, this means that the theft will continue as more people create accounts and use GPT to author their content.

The region hit the hardest was the Asia-Pacific region. In fact, almost half of the accounts stolen were from that area, about 41,000 accounts came from that area. Europe was much less affected with about 17,000 accounts stolen. The US trailed with about 4,700 accounts.

Any sort of hack is bad, and this one doesn’t seem as bad because it took place over the last year. However, this is something that the company should take seriously.

What are the risks?

You might not think that having your ChatGPT chat logs stolen is so bad. Sure, you don’t care if someone has access to logs of you asking it to write poems. However, as AI technology becomes more powerful, more people use ChatGPT for business purposes. This means that they’re going to be entering confidential business information for the chatbot to process.

Also, there are people who use the same email address and password combination for different services. While that’s not advised, it’s something that people do. Having this information could lead hackers to unlock more of people’s accounts. Hopefully, OpenAI is able to address this.