• Over 100,000 ChatGPT accounts were leaked to Dark Web marketplaces in the last year.
• Cybersecurity firm Group-IB discovered that compromised ChatGPT accounts were leaked to various Dark Web Marketplaces.
• The Asia-Pacific region saw the largest number of ChatGPT accounts stolen during this period, comprising over 40%.
ChatGPT Accounts Compromised
Over 100,000 compromised ChatGPT accounts have been leaked to Dark Web marketplaces throughout the last year. According to cybersecurity firm Group-IB, hackers have taken aim at OpenAI’s language model.
Credentials Exposed
Group-IB revealed that compromised ChatGPT accounts and their credentials have been leaking to dark web marketplaces since as early as June 2022, peaking in May 2023 when over 26K accounts were leaked. The firm outlined that the Asia-Pacific region saw the largest number of ChatGPT accounts stolen during this period, comprising over 40%.
Reason for Leak
ChatGPT has been used increasingly by employees to optimize their workflow in various fields of expertise such as software development and business communications. As a result, unauthorized access to these accounts may expose confidential or sensitive information which can be exploited for targeted attacks against companies and their employees.
Impact on Businesses
The leak of so many personal credentials can have a great impact on businesses due to potential security breaches. Companies must take extra measures such as increased surveillance and rigorous authentication protocols for all users accessing corporate data. Furthermore, regular password changes should be applied across all staff members with access privileges for further protection against potential threats.
Conclusion
This incident serves as a reminder of how important it is for companies and organizations to ensure proper security procedures are in place when dealing with customer or employee credentials online. By implementing advanced authentication protocols such as multi-factor authentication (MFA) and two-step verification (TSV), businesses can drastically reduce the risk of account hijacking and data theft from malicious actors on the internet.