Security News > 2024 > July > Not-so-OpenAI allegedly never bothered to report 2023 data breach
![Not-so-OpenAI allegedly never bothered to report 2023 data breach](/static/build/img/news/not-so-openai-allegedly-never-bothered-to-report-2023-data-breach-medium.jpg)
Security in brief It's been a week of bad cyber security revelations for OpenAI, after news emerged that the startup failed to report a 2023 breach of its systems to anybody outside the organization, and that its ChatGPT app for macOS was coded without any regard for user privacy.
According to an exclusive report from the New York Times, citing a pair of anonymous OpenAI insiders, someone managed to breach a private forum used by OpenAI employees to discuss projects early last year.
Execs who disclosed the breach to employees didn't think it was much of a threat, because it was believed the miscreant behind the breach was a private individual unaffiliated with any foreign governments.
The ChatGPT maker committed to setting up an AI safety committee after the departures of Sutskever and Jan Leike - the head of OpenAI's previous safety team devoted to tackling the long-term threats of AI. Whether news of a secret, heretofore unreported, breach that OpenAI leadership reportedly thought it knew better about than federal regulators will help repair its tarnished safety reputation is anyone's guess.
American insurance provider Prudential has updated the total number of victims whose data was stolen in a February data breach - from 36,000 to over 2.5 million.
The victim count update didn't include any additional details as to how the breach occurred, and a new breach letter wasn't attached to the notice.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/07/08/infosec_in_brief/
Related news
- Collection agency FBCS ups data breach tally to 3.2 million people (source)
- Frontier warns 750,000 of a data breach after extortion threats (source)
- Frontier warns 750,000 of a data breach after extortion threats (source)
- Christie's starts notifying clients of RansomHub data breach (source)
- 23andMe data breach under investigation in UK and Canada (source)
- Cylance confirms data breach linked to 'third-party' platform (source)
- Pure Storage confirms data breach after Snowflake account hack (source)
- Cylance clarifies data breach details, except where the data came from (source)
- Life360 says hacker tried to extort them after Tile data breach (source)
- Student's flimsy bin bags blamed for latest NHS data breach (source)