OpenAI Fixes ChatGPT Security Vulnerability That Caused Extended Downtime
ChatGPT went down for a while on March 20 as OpenAI rushed to fix a security flaw uncovered by Gil Nagli, CEO of cybersecurity software firm Shockwave.cloud. OpenAI later shared at least some of what happened and how it would fix it in a relatively transparent manner.
It was possible to takeover someone’s account, view their chat history, and access their billing information without them ever realizing it.
Breakdown below 👇 pic.twitter.com/W4kXMNy6qI
— Nagli (@naglinagli) March 24, 2023
The “web cache deception” described by Nagli opened up a method for hackers to quietly gain access to someone else’s ChatGPT account, including their history and the billing information of premium users. On Friday, OpenAI shared some details about the vulnerability, explaining the impact was limited to 1.2% or fewer of ChatGPT Plus subscribers over a nine-hour period and no non-paying users at all. The company explained in layman’s terms what happened, then went into some of the technicalities. The problem originated with the open-source caching software Redis, made worse by a software update by OpenAI.
“We took ChatGPT offline earlier this week due to a bug in an open-source library which allowed some users to see titles from another active user’s chat history. It’s also possible that the first message of a newly-created conversation was visible in someone else’s chat history if both users were active around the same time,” OpenAI wrote in its post. “In the hours before we took ChatGPT offline on Monday, it was possible for some users to see another active user’s first and last name, email address, payment address, the last four digits (only) of a credit card number, and credit card expiration date. Full credit card numbers were not exposed at any time.”
Nagli criticized OpenAI’s lack of a bug bounty program, as it might have spotted and fixed the problem ahead of time. That said, he approved of how quickly OpenAi reacted and ended the problem through two separate patches. OpenAI implemented the first patch within 45 minutes of receiving Nagli’s note, and the other went live in 90 minutes. Whether the new plug-ins for ChatGPT had anything to do with making the chatbot more vulnerable is unclear, but the company’s rapid expansion of features and widening user base means there may be other undetected issues within the code.
“OpenAI was a platform provider offering API services in November 2022. A consumer-style web app must address a different set of security vulnerabilities related to the application operation and the variety of tools, such as browsers, that are used to access it. The developers that access API services for user-facing applications must account for full-stack security, so some of OpenAI’s customers may be well-versed in these issues,” Voicebot and Synthedia founder Bret Kinsella wrote in the Synthedia newsletter on the news. “OpenAI may have just received a gift in the proactive notification from Nagli (and maybe others) with what looks like a relatively small risk exposure. This will surely not be the last security vulnerability identified for ChatGPT or similar solutions. My guess is that OpenAI is not looking at security with renewed vigor and trying to minimize other blindspots. Well, I hope they are.”