Just days before Thanksgiving, OpenAI confirmed that it was affected by a security breach that began earlier in the month. Product analytics platform, Mixpanel, alerted OpenAI of an attack on its systems that extorted customer information belonging to OpenAI users.
API accounts are the ones affected, not ChatGPT accounts or users. API account users are being alerted that the exposed information includes, the name provided on the account, email address, approximate browser location, browser and operating system information, referring websites, and organization or user IDs associated with the API account.
Following the announcement of this incident, OpenAI has stopped using Mixpanel.
(–Source: Forbes
Read More: OpenAI Data Breach Exposes User Data. Here’s What To Do Immediately )
Nearly 34 million Korean customers of one of South Korea’s largest e-commerce platforms, Coupang, have had their personal information leaked because of an ongoing data breach incident.
After the first detection of unauthorized activity on November 18th, further investigation led the company to discover that access began in late June from overseas servers. Upon discovery, the company blocked the unauthorized access route, increased their internal monitoring and security, enlisted the help of a security firm, and reported the incident to the police. Currently, the main suspect is a former Coupang employee from China who now lives abroad.
Payment details and login credentials remain secure, but information including customer names, contact information, shipping addresses, and order histories have been exposed.
(–Source: TechCrunch on MSN
Read More: Korea’s Coupang says data breach exposed nearly 34M customers’ personal information )
An August data breach on the University of Pennsylvania has been announced, with the incident having compromised data related to development and alumni activities.
This incident was a result of exploitation of a previously known vulnerability in the Oracle E-Business Suite, a vulnerability that has been identified as the cause of several recent data breaches on various organizations.
The Penn attacker claims to have obtained the personal information of 1.2 million students, alumni, and donors of the school. This claim heavily contrasts with the 1,488 victims indicated in the university’s breach notification letter to the Maine Attorney General’s office. The school has yet to disclose the exact number of impacted individuals, making it unclear just how many Penn-affiliated individuals have had their information compromised.
The University of Pennsylvania is in the process of notifying affected parties.
(–Source: Bleeping Computer
Read More: University of Pennsylvania confirms new data breach after Oracle hack )
Another university has found itself wrapped up in a data breach related to the Oracle E-Business Suite vulnerability this week.
Earlier this week, the University of Phoenix made a post about the data breach on its website. The post states that the incident was detected on November 21st after the Clop ransomware gang added the university to its data leak site.
Investigation is still ongoing, but as of right now, the university believes that the personal information belonging to current and former students, faculty and suppliers of the school is impacted. This personal information likely includes names, contact information, birth dates, SSNs, and bank account details.
Affected individuals will receive a data breach notification containing more details in the mail very soon.
(–Source: Bleeping Computer
Read More: University of Phoenix discloses data breach after Oracle hack )
After fintech company, Marquis, filed data breach notices with several states, dozens of banks and credit unions in the US are being notified that customer information was compromised in a ransomware attack in mid August of this year.
Members of the Maine State Credit Union are believed to make up a majority of the affected individuals, but the number of victims (currently believed to be around 400,000) is expected to rise as investigation continues.
Customer names, birth dates, addresses, financial account numbers, and SSNs were compromised in the attack.
(–Source: TechCrunch on MSN
Read More: Fintech firm Marquis alerts dozens of US banks and credit unions of a data breach after ransomware attack )
