OpenAI has refuted claims of a data breach after a hacker known as ‘emirking’ allegedly attempted to sell 20 million stolen credentials linked to OpenAI accounts. The hacker posted the offer on BreachForums, a notorious site where cybercriminals often boast about stealing sensitive data from major companies. However, OpenAI quickly investigated the claim and found no evidence that its systems had been compromised.
In a statement to SecurityWeek, a spokesperson for OpenAI emphasized that the company has not detected any breach of its infrastructure related to these claims. “We take these claims seriously, but to date, we have found no evidence that these credentials are connected to a compromise of OpenAI systems,” the spokesperson said.
Security firm Kela analyzed the data provided by the hacker and concluded that the credentials were likely harvested through “infostealer” malware, a type of malicious software used to steal login details and other sensitive information. Kela’s investigation found the credentials appeared in its extensive database of records from infostealers such as Redline, StealC, Lumma, and Vidar. These malware programs are notorious for scraping data from compromised systems, which suggests the leak did not originate from OpenAI itself.
Kela also noted that the hacker’s post included logs linked to a variety of infostealer tools, pointing to the possibility that the 20 million credentials were part of a broader dataset collected from both private and public sources. Infostealer malware has been known to target personal data across various platforms, including browsers, emails, and other applications.
While the hacker’s claims have raised alarm, Kela’s analysis strongly suggests that the leaked credentials are tied not to OpenAI’s servers but to the widespread issue of malware-driven data theft. The compromised credentials were found to come from over a dozen different sources, including data dumps of previously stolen information.
This case serves as a reminder of the persistent risks posed by malware and the importance of securing personal accounts across platforms. OpenAI continues to monitor the situation but assures users that no breach of its systems has occurred.