OpenAI Reveals Redis Bug Behind ChatGPT User Data Exposure Incident


On Friday, OpenAI revealed that a glitch in the open source library Redis was accountable for revealing the personal data and chat titles of other users on their ChatGPT service earlier in the week.

On March 20, 2023, a problem was discovered that allowed specific users to see brief summaries of conversations from other users on the chat history sidebar. This prompted the company to temporarily shut down the chat software.

The company stated that if two users were online at the same time, it could be possible for the first message in a newly-initiated conversation to be seen in another user's chat history.

The paragraph could be paraphrased as: The bug was found to have originated in the redis-py library. This glitch caused a situation where requests that were canceled might disrupt connections, resulting in retrieval of unintentional data from the database cache. The data obtained was information of an unrelated user.

The AI research company in San Francisco announced that a change they made on their server was accidental which caused an increase in the number of request cancellations and consequently raised the rate of errors.

Although the problem has now been resolved, OpenAI pointed out that it could have had further consequences elsewhere. It could have possibly exposed payment-related details of 1.2% of ChatGPT Plus subscribers on March 20, from 1 to 10 a.m. PT.

The information that was disclosed consisted of the first and last name, email address, payment address, the final four digits of a credit card number, and the credit card's expiration date belonging to another user who was also active. It was made clear that complete credit card numbers had not been revealed.

The organization reported that it has contacted impacted individuals to inform them about the unintentional disclosure. Additionally, they stated that they have implemented additional measures to verify that the information retrieved from our Redis cache matches the user who requested it.

OpenAI Fixes Critical Account Takeover Flaw

The company resolved a serious problem involving caching, as well as an account takeover vulnerability that could be used to gain access to another user's account, examine their chat history, and obtain their billing data without their permission.

A vulnerability was found by security expert Gal Nagli, which allows access to confidential information of a user, by circumventing the safeguards implemented by OpenAI for chat.openai[.]com.

To accomplish this, a carefully designed link is initially generated that adds a .CSS resource to the chat.openai[.]com/api/auth/session/ endpoint. The aim is to deceive an unsuspecting individual into clicking on this link, which would prompt a cached response that includes a JSON object consisting of the accessToken string to be stored in Cloudflare's CDN.

The attacker exploits the cached response to the CSS resource, identified by the CF-Cache-Status header as HIT, in order to obtain the target's JSON Web Token (JWT) login details and gain access to their account.

Nagli reported that OpenAI rectified the bug within two hours of being informed, which highlights how serious the problem was.

Post a Comment

Previous Post Next Post