Home
Ai
Ai News
OpenAI Confirms User Data Exposed After Mixpanel Security Breach

OpenAI Confirms User Data Exposed After Mixpanel Security Breach

OpenAI said that some of the data relating to its API users, such as name, email, and location, could have been compromised.

Written by Akash Dutta, Edited by Rohan Pal | Updated: 27 November 2025 16:24 IST

OpenAI Confirms User Data Exposed After Mixpanel Security Breach

Photo Credit: Reuters

OpenAI has asked impacted users to remain vigilant for credible-looking phishing attempts

Click Here to Add Gadgets360 As A Trusted Source

Highlights

The Mixpanel data breach occurred on November 9
OpenAI said no chat, password, or API keys were exposed
The AI giant has removed Mixpanel from its production services

OpenAI's user data was exposed in a recent Mixpanel data breach, the company stated on Thursday. The San Francisco-based artificial intelligence (AI) giant revealed that while most of its sensitive user data, and the data of the end-users accessing ChatGPT, Sora app, and the ChatGPT Atlas browser was not exposed in this breach, some information about its application programming interface (API) users might have been leaked. The company has now started a security investigation, and OpenAI has stopped using Mixpanel services.

OpenAI's API Data Might Have Been Breached

In a newsroom post, the AI giant detailed the data breach incident that occurred on November 9. Mixpanel's systems were hacked into by an attacker and the threat actor was able to export a dataset that also included information about OpenAI's users. However, the ChatGPT maker said that the breached dataset contained limited customer identifiable information and analytics information. Mixpanel shared the affected dataset with the AI company on November 25, stating that they were investigating the incident.

OpenAI also highlighted that its servers and products were not impacted in this data breach, and sensitive data, such as that, API requests, API usage data, passwords, credentials, API keys, payment details, or government IDs, were not compromised.

ChatGPT’s Voice Mode Will Now Open Directly Within the Chat Interface

Detailing the impact OpenAI's API users should expect, the company said that user profile information associated with the use of “platform.openai.com” might have been included in the exported data. The particulars of the breach could include:

Name that was provided to OpenAI on the API account
Email address associated with the API account
Approximate coarse location based on API user browser (city, state, country)
Operating system and browser used to access the API account
Referring websites
Organisation or User IDs associated with the API account

As a response, the ChatGPT maker has removed Mixpanel from its production services. It has also reviewed the affected datasets and is working with the digital analytics company and other partners to understand the full scope of the breach. “While we have found no evidence of any effect on systems or data outside Mixpanel's environment, we continue to monitor closely for any signs of misuse,” the company said.

As a preventive measure, the AI giant has requested all potentially impacted users to remain alert towards “credible-looking phishing attempts or spam.”

Comments

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: OpenAI, Mixpanel, data privacy, cybersecurity, AI, Artificial Intelligence

Akash Dutta Email Akash Dutta

Akash Dutta is a Chief Sub Editor at Gadgets 360. He is particularly interested in the social impact of technological developments and loves reading about emerging fields such as AI, metaverse, and fediverse. In his free time, he can be seen supporting his favourite football club - Chelsea, watching movies and anime, and sharing passionate opinions on food. More