OpenAI is notifying customers about a third-party security slip that exposed limited profile data for some API users, after analytics provider Mixpanel confirmed it was hit by a smishing attack.
Mixpanel, which is based in San Francisco and says it serves more than 11,000 corporate customers, said the breach originated from a fraudulent text message detected earlier this month. OpenAI says its own systems weren’t affected, but the incident showed how a breach at an external analytics provider can still expose customer information.
According to the company, the attacker accessed a dataset containing names, email addresses, and basic browser details. No passwords, credentials, chat content, or API keys were exposed, and OpenAI has since removed Mixpanel from production and begun notifying impacted users.
What OpenAI and Mixpanel reported
Business Insider reported that Mixpanel described the incident as the result of a smishing message that allowed an attacker to gain access to internal systems and export a dataset used for analytics.
Mixpanel said the attack was detected on November 8 and involved fraudulent text messages designed to trick employees. Smishing is a combination of SMS and phishing, and uses text messages to trick people into revealing sensitive information or downloading malware.
OpenAI said in its own disclosure that the breach affected only third-party analytics data and that internal infrastructure remained secure. The company confirmed that the exposed information included names, email addresses, coarse location based on the API user's browser, and technical details such as operating system and browser type.
“Transparency is important to us,” OpenAI said in its published statement, noting that affected API users were contacted once the company confirmed what had been accessed.
What data was exposed and who was affected
Proton reported that even limited metadata, such as names, email addresses, and approximate locations, can still put users at risk, as attackers can use this information to launch phishing or social engineering attempts aimed at gaining access to more sensitive accounts.
OpenAI didn’t disclose how many accounts were affected, but emphasized that only API users at platform.openai.com were impacted. It also explained that ChatGPT users completing everyday tasks weren’t affected because their data wasn’t processed through Mixpanel.
OpenAI says it has suspended its relationship with Mixpanel and initiated a broader vendor security review in response.
Why the incident matters for AI security
Proton highlighted that exposed metadata can be used as a stepping stone for more harmful attacks when combined with phishing techniques. According to Proton, “despite this reassurance, even limited metadata can be dangerous in the wrong hands.”
Proton also raised broader concerns about AI privacy, stating that AI tools like ChatGPT aren’t built with privacy in mind. Hence, if your organization uses ChatGPT, your personal or business data are at risk. As Proton emphasized, “Your sensitive information, prompts, metadata, and usage patterns can be stored, analyzed, or shared with third parties you’ve never heard of and may have no reason to trust — like in OpenAI’s case.”
Business Insider also highlighted that a hacker gained access to OpenAI’s internal messaging systems last year and stole data related to advanced AI technology.
These incidents reflect the broader security pressures surrounding high-profile AI companies. As OpenAI and its competitors expand their platforms, the Mixpanel breach illustrates how third-party integrations can widen the attack surface even when core systems remain protected.


