ChatGPT users still need to be careful online, as a cybersecurity firm reportedly found more than 100,000 login credentials for the generative AI platform available for purchase on the dark web.
The popularity of ChatGPT has infiltrated businesses around the world, with employees using the generative AI service for everything from emails to coding.
However, it appears the excitement around this new, productivity-increasing tech has led to some serious cybersecurity issues that need to be addressed.
ChatGPT Account Credentials Found on Dark Web
Today, Cybersecurity firm Group-IB announced that it had stumbled on a massive collection of ChatGPT account credentials on the dark web marketplace. The Singapore-based company identified 101,134 malware-infected devices, all of which contained login details for the generative AI platform.
Group-IB was also able to discover where exactly these devices originated from, and outlined which countries were the hardest hit. The Asia-Pacific area was hit the hardest with more than 40,999 compromised accounts, while the Middle East-Africa region account for nearly 25,925 and Europe accounting for 16,951, according to their data.
As for which countries were impacted the most, India saw the largest numbers at more than 12,632, then Pakistan (9,217), Brazil (6,531), Vietnam (4,771), and Egypt (4,588) rounding out the top five.
Is ChatGPT Safe to Use?
Given this news, it's understandable to wonder about whether or not ChatGPT is safe to use in the long term. Here's what one professional at Group-IB had to say about why.
“Many enterprises are integrating ChatGPT into their operational flow. Employees enter classified correspondences or use the bot to optimize proprietary code. Given that ChatGPT’s standard configuration retains all conversations, this could inadvertently offer a trove of sensitive intelligence to threat actors if they obtain account credentials. At Group-IB, we are continuously monitoring underground communities to promptly identify such accounts.” – Dmitry Shestakov, Head of Threat Intelligence at Group-IB
The reality is that ChatGPT is going to present an extremely attractive opportunity for hackers, and there's not much to do about it. All that valuable information is going to encourage new methods of accessing it, and any company is going to have a hard time keeping up.
How to Protect Yourself
While the task of protecting your information online may seem daunting, there are a few things you can do to make sure you aren't flippantly utilizing ChatGPT in exchange for unsecured company data.
For starters, don't share confidential or proprietary company data on ChatGPT. The platform saves everything to make itself smarter, which means you could end up leaking some serious information. Companies like Samsung have even gone as far to ban ChatGPT for employees to prevent this.
If you want to take extra measures, Group-IB recommends some basic security measures, like changing your password often and enabling two-factor authentication in ChatGPT, so at least your credentials can't be used for nefarious purposes.