- OpenAI said hackers stole data from Mixpanel, its analytics partner.
- The AI startup said no ChatGPT users were affected but warned devs to be wary of suspicious emails.
- OpenAI's rapid rise to one of the world's most valuable companies has made it a target for hackers.
OpenAI is warning developers to be wary of phishing attacks after hackers stole data from its analytics partner.
The ChatGPT maker said on Thursday that a security breach earlier this month at Mixpanel, a web analytics platform, may have included profile information for users of OpenAI's developer platform.
OpenAI said the data affected could include "limited analytics data" such as names, email addresses, and approximate location for some API users.
The company said that OpenAI's systems had not been breached and that users of ChatGPT were unaffected, adding that passwords, payment details, and chat or API requests had not been compromised.
However, OpenAI said that the leaked data could be used to target developers with phishing attacks, and warned them to "treat unexpected emails or messages with caution."
Jake Moore, global cybersecurity advisor for internet security firm ESET, told Business Insider that while the exposed data was of "low sensitivity," it could be combined to "craft convincing fraudulent messages."
A Mixpanel spokesperson directed Business Insider to a separate statement from the company's CEO, Jen Taylor, who said Mixpanel is communicating with all affected customers and has engaged with law enforcement regarding the attack.
Mixpanel, which is based in San Francisco and says it has over 11,000 corporate users, said the breach on its systems originated from a "smishing" attack detected on November 8.
Smishing attacks use fake text messages to trick targets into revealing personal information or downloading malware.
The companies did not disclose how many people were affected by the data theft.
OpenAI's rapid rise to become one of the world's most valuable companies has made it a target for hackers.
Last year, The New York Times reported that a hacker gained access to the company's internal messaging systems and stole data related to advanced AI technology, and in June 2024, one former OpenAI researcher said he was fired after raising concerns about the AI startup's security and the threat of potential Chinese espionage.
OpenAI did not respond to a request for comment, sent outside normal working hours.
The post OpenAI says hackers stole data from its analytics partner — but no ChatGPT users were affected appeared first on Business Insider