A bug in a library used in ChatGPT exposes user information

Posted date 14/04/2023

Due to a bug in an open source Redis library, ChatGPT was forced to take its service offline for a short period of time. The detected bug allowed some users to view the search history titles of other users logged in at the same time.

In addition, the bug affected 1.2% of active ChatGPT Plus subscribers, as some of the information exposed also included the last four digits of credit cards, but in no case were the full numbers exposed. The company has assured that the users affected by the exposure of this information have been contacted.

On the other hand, Redis has released a patch to fix the affected library and the bug has been fixed.