Following last week’s incident, Engadget reported that users of the bot posted screenshots showing that their ChatGBT sidebars showed previous chat logs of other users, but only the addresses of the conversations. That was visible and not the text itself.
In response, the company that developed the chatbot shut it down for about 10 hours to investigate.
The company published the results of the initial investigation from the incident, according to the technical website “Engadget”, today, which revealed a deeper security problem. The bug in the chat history caused the personal data of about 1.2% of subscribers to ChatGPT Plus, a package that offers access to bot-enhanced services for a monthly subscription, to be leaked.
“In the hours before ChatGBT was taken offline on Monday, some users could only see the first and last name of another active user, email address, payment address, and only the last four digits of a credit card number and expiration date,” the company wrote in a statement. But the full credit card numbers were not disclosed at any time.” The company confirmed that it has since addressed the issue.