The ChatGPT desktop app for Mac just got hit with a security breach

OpenAI has confirmed a security breach involving two employee devices that impacted the ChatGPT desktop app for Mac. The company is currently rolling out a software update to address the issue, with a full update expected by June 12. This incident highlights ongoing security concerns related to the app, which is widely used by Mac users for accessing ChatGPT.

According to a report by 9to5Mac, OpenAI identified malicious activity linked to a security vulnerability involving a widely-used open-source library. The breach affected two employee devices, but the company states that no user data was accessed or compromised. In a blog post, OpenAI said, “Upon identification of the malicious activity, we worked quickly to investigate, contain and take steps to protect our systems.”

The company has hired a third-party digital forensics firm to investigate the incident further. OpenAI emphasized that only limited credential material was exfiltrated from code repositories and that no other information or code was impacted. Mac users are advised to update the app promptly when prompted, while users on other platforms like Windows and iOS are unaffected and do not need to take action at this time.

This is not the first security concern related to the ChatGPT Mac app; in 2024, it was revealed that user conversations were stored locally in plain text rather than being encrypted, raising privacy issues.

Why It Matters

This incident underscores ongoing cybersecurity risks associated with widely used AI applications and the importance of rapid response and transparency from companies like OpenAI. For users, it highlights the need to keep software updated and remain vigilant about security alerts. The breach also raises questions about the security of open-source components integrated into proprietary applications, which are common in software development.

Background

OpenAI’s ChatGPT Mac app has been popular among users since its launch, offering a native desktop experience. Previous security issues, such as the 2024 incident involving local data storage, have raised concerns about user privacy. The current breach involves a compromised open-source library, a common vector for cyberattacks, which has affected many organizations across the tech industry.

“We confirmed that only limited credential material was successfully exfiltrated from these code repositories and that no other information or code was impacted.”

— OpenAI spokesperson

“The breach involved malicious activity on two employee devices linked to a security vulnerability involving a widely-used open-source library.”

— 9to5Mac report

What Remains Unclear

It is not yet clear how the malicious activity was initially triggered or whether additional devices or systems were potentially affected. The full scope of the breach and the specific open-source library involved remain undisclosed, and OpenAI has not provided a detailed timeline beyond the current update rollout.

What’s Next

OpenAI will continue its investigation with the third-party firm and is expected to release a detailed report once the full scope is understood. The company will also implement additional security measures to prevent similar incidents in the future. Users should update their app promptly and stay informed about further guidance from OpenAI.

Key Questions

What exactly was compromised in the breach?

OpenAI states that only limited credential material was exfiltrated, and no user data or code was accessed. The full details of what was compromised are still being investigated.

Should I uninstall or stop using the ChatGPT Mac app?

No, users are advised to update the app when prompted. There is no indication that the app should be uninstalled or that it is unsafe to use after the update.

Will my data be affected or stolen?

OpenAI has confirmed that no user data was accessed or compromised during this breach.

When will the full update be available to all users?

The company has announced that the update will roll out to all users by June 12, 2024.

Is this incident related to previous security issues?

This is a separate incident from the 2024 local data storage issue, but it highlights ongoing security challenges for the app.