- A hacker has allegedly listed 20 million session of OpenAi for sale
- However, the origins of these credentials are disputed
- Operai says that his research has not found evidence of a commitment
A hacker states that it sells the login credentials of 20 million accounts of Operai users, but the company says that its own research has not found evidence of a trick.
A Malwarebytes Labs report discovered that a cybercriminal called “Emiring” had listed a set of data for sale in a cyber crimes forum that said it said, ’20 million access codes to Openai accounts’.
Operai replied, stating: “We took these statements seriously. We have not seen any evidence that this is connected to a commitment of the Operai systems to date. “Infractions such as these may have catastrophic consequences for both the company and users, but there are some red flags that point to this incident Be less than genuine, this is what we know.
An unlikely story?
In the initial report of the Malwarebytes laboratory, there was some doubt about the origins of the information, with the report describing
“It seems unlikely that such a large amount of credentials can be harvested in phishing operations against users, so if the claim is true, emirking may have found a way to compromise the auth0.openai.com subdomain when exploiting a vulnerability or get administrator credentials. “
The report also noted that the cybercrime allegedly responsible for the leak was a relatively new user of the forums, which would not mean much on its own, but Kela Cybersecury also evaluated the available data, and concluded that the credentials were obtained through malware Infosteaper malware.
The sample analyzed by Kela showed the compromised session initials related to Openai services, and contained authentication details to ‘Auth0.openai.com’.
Then, security researchers cross references these details with their own data of “compromised accounts obtained from the infostaler malware, which contains more than one billion records, including more than 4 million bots collected in 2024”.
“It was found that all the credentials of the sample shared by the actor ‘Emirking’ originate in these committed accounts, probably hinting at the source of the 20 million OpenAi accounts that the actor intends to sell,” confirmed the security company.
Ultimately, the investigation concluded: “The majority of the compromised credentials of OpenAI services offered for sale by breach per emigrating are not related to a violation of Openaai systems.”
The credentials were considered part of a larger data set “scraped from a combination of private and public sources that sell and share records of infants of infants”, not of a commitment not reported.
Stay safe
No matter how the filtered credentials were acquired, anyone who has leaked their details is at risk. The main danger with this incident are social engineering attacks and identity theft.
Because many AI chatbots users (sometimes involuntarily) will deliver personal information, any person with access to their accounts could use the committed email address to design personal and specific phishing attacks designed to steal even more information.
Simply request a chatbot for restaurant recommendations in your city, tips on budgets or specific questions or summaries of the work can give attackers all the information they need to prepare a convincing way of communicating pretending to be a colleague, a trusted company, friend or family member.
Being vigilant is the most effective way to combat this. Do not give any information to an unknown person or unexpected contact who has not thoroughly examined first, and be sure to click any link in which you do not trust 100%.
Be sure to create a strong and safe password, and it is important that you do not reuse passwords from one place to another; This helps to quarantine any account that has been violated.
It is a process similar to mitigating the risk of identity theft. Keep an eye on your accounts, account states and invoices to make sure there is nothing that does not recognize, and that your bank knows immediately if there is something suspicious.
We have also listed some software that can essentially do the job for you, monitor your credit files, warn about suspicious activities and alert it if personal information is used (such as new bank accounts that open to your name). Some even offer identity recovery and insurance policies of up to $ 1 million, so see our selections to obtain the best identity theft protection for families if their information is concerned.
