In a startling revelation, more than 100,000 OpenAI ChatGPT account credentials have appeared on illicit markets on the dark web in the one-year period from June 2022 to May 2023.
According to a report by Group-IBthese credentials were discovered within records of stolen information that were later put up for sale on underground cybercrime platforms.
Affected users worldwide
India bore the brunt of this breach, with 12,632 stolen credentials dating back to the country.
This highlights the rapid adoption of ChatGPT in India. Many Indian tech companies have integrated ChatGPT to improve customer service and employee productivity.
Several other countries follow closely behind. Pakistan, Brazil, Vietnam, Egypt, United States, France, Morocco, Indonesia and Bangladesh are the most affected.
Widespread impact indicates the popularity of ChatGPT across cultures and regions.
Behind the Breach: The Role of Information Thieves
Info thieves have grown in popularity among cybercriminals due to their ability to grab passwords, cookies, credit cards and other vital information from browsers and cryptocurrency wallet extensions.
The success of information theft suggests that people are not practicing good cyber hygiene, such as using unique passwords and enabling two-factor authentication.
Logs containing compromised information collected by information thieves are easily traded on dark web marketplaces.
Law enforcement agencies are struggling to curb illicit transactions on the dark web, which has become a hub for cybercriminal activity because of the anonymity it provides.
ChatGPT integration risks and need for safe practices
“Many companies are integrating ChatGPT into their operational workflow,” notes Dmitry Shestakov, head of threat intelligence at Group-IB.
This highlights how AI is transforming businesses, but also introducing new risks.
In light of these risks, Shestakov recommends that users follow proper password security practices and secure their accounts with two-factor authentication (2FA) to thwart account takeover attacks.
Enabling 2FA is one of the best ways users can protect their accounts, as it requires not only the password, but also other information such as a security code sent to the user’s phone.
To sum up
This incident underscores the urgent need for improved security practices in a world increasingly dependent on AI and digital interactions.
As cybercriminals evolve their tactics, public awareness of cyber risks and how to mitigate them becomes more critical.
Regardless of the tools you use, be vigilant and prioritize safe practices to avoid becoming an easy target.
Featured image: BRO.vector/Shutterstock
[ad_2]
Source link
