OpenAI’s ChatGPT desktop app for Mac has experienced a security breach involving two employee devices, as reported by 9to5Mac. The company is rolling out a software update to address the issue, which will reach all users by June 12.
The breach originated from a compromised widely-used open-source library. Following the identification of the malicious activity, OpenAI stated, “Upon identification of the malicious activity, we worked quickly to investigate, contain and take steps to protect our systems,” in a company blog post.
OpenAI confirmed it found no evidence that user data was accessed and stated that no systems were compromised during the incident. A third-party digital forensics and incident response firm has been hired to further investigate the matter. “We confirmed that only limited credential material was successfully exfiltrated from these code repositories and that no other information or code was impacted,” the company added.
Mac users are advised to update the app when prompted. OpenAI plans to provide additional guidance later. Users on Windows and iOS platforms do not need to take any action.
This incident marks the second security issue for the ChatGPT app for Mac. In 2024, a developer discovered that user conversations were stored in plain text instead of being encrypted.
