OpenAI confirms employee devices compromised in supply-chain attack, user data unaffected
By
Lorenzo Franceschi-Bicchierai
Summary
OpenAI confirmed that two employees' devices were compromised in a supply-chain attack targeting open source projects. The company investigated and found no evidence that user data, production systems, intellectual property, or software were affected. The damage was limited to the employees' devices.
Source
Key quotes
· 3 pulledOpenAI confirmed that two employees had their devices 'impacted by this attack.'
The company said in a blog post that it found 'no evidence that OpenAI user data was accessed, that our production systems or intellectual property were compromised, or that our software was altered.'
OpenAI said the damage was limited to the employees' devices and did not affect user data nor its production systems, and none of its intellectual property was stolen.
You might also wanna read
OpenAI Responds to Axios Supply Chain Security Incident, Updates macOS App Certificates
OpenAI responded to a security incident involving the Axios developer tool, which was part of a broader industry supply chain attack. The co
OpenAI Terminates Employee for Using Confidential Information on Prediction Markets
OpenAI has terminated an employee for using confidential company information to trade on external prediction markets like Polymarket. The fi
Supply Chain Attacks on Open-Source Software: Case Study of Malicious Pull Request Attempts
The article discusses recent supply chain attacks on open-source software projects like LiteLLM and axios, with a specific case study of att
Analysis of OpenAI's Training Data Revealed Through Open-Weights Model Release
The article analyzes OpenAI's open-weights model release and discusses how it inadvertently reveals information about their training data so

OpenAI and Google Employees Support Anthropic's Lawsuit Against Pentagon Over Supply Chain Risk Designation
Anthropic filed a lawsuit against the Department of Defense challenging its designation as a supply chain risk, a label typically reserved f
OpenAI's Open-Source Release and the Narrowing Focus on AI Ethics
The article discusses OpenAI's recent release of an open-source language model, highlighting the delays due to 'safety' concerns and the com

Comments
Sign in to join the conversation.
No comments yet. Be the first.