ChatGPT Data Breach: 100K+ Account Credentials Leaked on Dark Web

Alert to all ChatGPT users: A shocking disclosure has surfaced, with over 100,000 ChatGPT account credentials being leaked on the dark web. The implications are alarming, as this ChatGPT data breach spans from the platform’s launch in June 2022 to May 2023, indicating an ongoing threat. The alarming findings were reported by renowned cybersecurity firm Group-IB.

“The number of available logs containing compromised ChatGPT accounts reached a peak of 26,802 in May 2023,” a Group-IB specialist said. “The Asia-Pacific region has experienced the highest concentration of ChatGPT credentials being offered for sale over the past year.”

The global impact of this security compromise is far-reaching, with the United States, India, France, Morocco, Indonesia, Pakistan, and Brazil emerging as the countries most affected by the theft of user credentials. Disturbingly, many of these compromised credentials have already found their way into the sinister hands of dark web marketplaces.

Investigations reveal that many information stealer malware families have been used to steal these accounts, with the notorious Raccoon info stealer taking the lead.

“Logs containing compromised information harvested by info stealers are actively traded on dark web marketplaces,” Group-IB said. “Additional information about logs available on such markets includes the lists of domains found in the log as well as the information about the IP address of the compromised host.”

Shockingly, Raccoon alone has been responsible for compromising a freaking 78,348 accounts. Most of this malware sheds light on the dark web’s thriving underground ecosystem. Even individuals with minimal coding skills can obtain subscription-based access to Raccoon, fueling the rise of cybercrime-related offenses.

These malicious info stealers offer more than just credential theft—they enable perpetrators to automate subsequent attacks, amplifying the scale of their malicious activities.

While Raccoon steals the spotlight, other malicious tools have also played a role in this ChatGPT account theft. Vidar, the second most prominent malware in this operation, breached 12,984 accounts, followed by the RedLine malware, with 6,773 credentials compromised.

The seriousness of this breach extends beyond personal data vulnerability. As ChatGPT users often store their conversations within the application, the ramifications of this leak become more profound.

Malicious actors gain access not only to personal information but also to a treasure trove of business plans, app development discussions, malware development endeavors (unfortunately), and various written exchanges. The breadth of information stolen is from company trade secrets that should never have been exposed to personal diaries or classified documents.

This breach serves as an alert reminder that caution is crucial. The security of your ChatGPT window, whether at home or work, demands your utmost attention.

Take proactive measures such as installing reputable plugins, using robust passwords, enabling two-factor authentication (2FA), and adhering to essential cybersecurity best practices. Doing so can significantly reduce the risk of falling victim to such targeted attacks.

“Employees enter classified correspondences or use the bot to optimize proprietary code. Given that ChatGPT’s standard configuration retains all conversations, this could inadvertently offer a trove of sensitive intelligence to threat actors if they obtain account credentials.”

In the face of this informational heist, it becomes evident that every password holds importance. However, the security of your ChatGPT account stands as a paramount concern. Safeguard your digital interactions and protect the invaluable conversations within the platform.

Related Stories: