OpenAI—ChatGPT Redis library bug exposed chat histories and payment information of 1.2% of Plus subscribers to other users
On March 20, 2023, a bug in the Redis open-source library used by ChatGPT caused a data leak where certain users could view the chat titles and first messages of other users' conversations. Approximately 1.2% of ChatGPT Plus subscribers (estimated 12,000+ paying users) had their chat history titles exposed, and some payment information (names, email addresses, payment details) was compromised. OpenAI shut down ChatGPT for 9 hours to fix the vulnerability, disclosed the incident promptly, and notified affected users.
Scoring Impact
| Topic | Direction | Relevance | Contribution |
|---|---|---|---|
| Consumer Protection | -against | primary | -1.00 |
| Corporate Transparency | +toward | contextual | +0.20 |
| User Privacy | -against | primary | -1.00 |
| Overall incident score = | -0.531 | ||
Score = avg(topic contributions) × significance (high ×1.5) × confidence (0.59)
Evidence (1 signal)
OpenAI disclosed Redis bug exposed chat titles and payment info for 1.2% of ChatGPT Plus subscribers on March 20, 2023
OpenAI shut down ChatGPT for 9 hours on March 20, 2023, after discovering a Redis library bug that allowed some users to view other users' chat history titles and first messages. The bug affected approximately 1.2% of ChatGPT Plus subscribers and exposed some payment information. OpenAI promptly disclosed the incident and notified affected users.