UPDATE 1-OpenAI says no user data breached after security issue with open-source library

Microsoft Corporation

Microsoft Corporation

MSFT

0.00

Adds further details

May 14 (Reuters) - OpenAI said on Wednesday it found no evidence that its user data was accessed after a security issue involving a supply-chain attack on TanStack npm, an open-source library.

Here are some details:

  • The ChatGPT-maker said it found no evidence that its production systems or intellectual property were compromised, or that their software was altered

  • OpenAI said two employee devices in its corporate environment were impacted after TanStack, a widely used open-source library, got compromised earlier this week

  • Limited credential material was exfiltrated from these code repositories and no other information or code was impacted, OpenAI said

  • The AI firm said that it isolated the impacted systems immediately after the attack and temporarily restricted code-deployment workflows, to contain impact

  • OpenAI said it is rotating code-signing certificates, which would require macOS users to update their applications

  • OpenAI did not immediately respond to a Reuters request for further details


This page is machine-translated. Sahm tries to improve but does not guarantee the accuracy and reliability of the translation, and will not be liable for any loss or damage caused by any inaccuracy or omission of the translation. *Disclaimer: The above content only represents the author's personal position and opinion and does not represent any position of Sahm Capital Financial Company and Sahm cannot confirm the authenticity, accuracy, and originality of the above content. Investors should consider the risks of investment products in light of their circumstances before making any investment decisions. When necessary, please consult a professional investment advisor. Sahm does not provide any investment advice, nor does it make any commitments and guarantees.