Technology
Third-party breach exposes ChatGPT account details
NEWYou can now listen to Fox News articles!
ChatGPT went from novelty to necessity in less than two years. It is now part of how you work, learn, write, code and search. OpenAI has said the service has roughly 800 million weekly active users, which puts it in the same weight class as the biggest consumer platforms in the world.
When a tool becomes that central to your daily life, you assume the people running it can keep your data safe. That trust took a hit recently after OpenAI confirmed that personal information linked to API accounts had been exposed in a breach involving one of its third-party partners.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.
The breach highlights how even trusted analytics partners can expose sensitive account details. (Kurt “CyberGuy” Knutsson)
What you need to know about the ChatGPT breach
OpenAI’s notification email places the breach squarely on Mixpanel, a major analytics provider the company used on its API platform. The email stresses that OpenAI’s own systems were not breached. No chat histories, billing information, passwords or API keys were exposed. Instead, the stolen data came from Mixpanel’s environment and included names, email addresses, Organization IDs, coarse location and technical metadata from user browsers.
FAKE CHATGPT APPS ARE HIJACKING YOUR PHONE WITHOUT YOU KNOWING
That sounds harmless on the surface. The email calls this “limited” analytics data, but the label feels like PR cushioning more than anything else. For attackers, this kind of metadata is gold. A dataset that reveals who you are, where you work, what machine you use and how your account is structured gives threat actors everything they need to run targeted phishing and impersonation campaigns.
The biggest red flag is the exposure of Organization IDs. Anyone who builds on the OpenAI API knows how sensitive these identifiers are. They sit at the center of internal billing, usage limits, account hierarchy and support workflows. If an attacker quotes your Org ID during a fake billing alert or support request, it suddenly becomes very hard to dismiss the message as a scam.
OpenAI’s own reconstructed timeline raises bigger questions. Mixpanel first detected a smishing attack on November 8. Attackers accessed internal systems the next day and exported OpenAI’s data. That data was gone for more than two weeks before Mixpanel told OpenAI on November 25. Only then did OpenAI alert everyone. It is a long and worrying silent period, and it left API users exposed to targeted attacks without even knowing they were at risk. OpenAI says it cut Mixpanel off the next day.
The size of the risk and the policy problem behind it
The timing and the scale matter here. ChatGPT sits at the center of the generative AI boom. It does not just have consumer traffic. It has sensitive conversations from developers, employees, startups and enterprises. Even though the breach affected API accounts rather than consumer chat history, the exposure still highlights a wider issue. When a platform reaches almost a billion weekly users, any crack becomes a national-scale problem.
Regulators have been warning about this exact scenario. Vendor security is one of the weak links in modern tech policy. Data protection laws tend to focus on what a company does with the information you give them. They rarely provide strong guardrails around the entire chain of third-party services that process this data along the way. Mixpanel is not an obscure operator. It is a widely used analytics platform trusted by thousands of companies. Yet it still lost a dataset that should never have been accessible to an attacker.
Companies should treat analytics providers the same way they treat core infrastructure. If you cannot guarantee that your vendors follow the same security standards you do, you should not be collecting the data in the first place. For a platform as influential as ChatGPT, the responsibility is even higher. People do not fully understand how many invisible services sit behind a single AI query. They trust the brand they interact with, not the long list of partners behind it.
Attackers can use leaked metadata to craft convincing phishing emails that look legitimate. (Jaap Arriens/NurPhoto via Getty Images)
8 steps you can take to stay safer when using AI tools
If you rely on AI tools every day, it’s worth tightening your personal security before your data ends up floating around in someone else’s analytics dashboard. You cannot control how every vendor handles your information, but you can make it much harder for attackers to target you.
1) Use strong, unique passwords
Treat every AI account as if it holds something valuable because it does. Long, unique passwords stored in a reliable password manager reduce the fallout if one platform gets breached. This also protects you from credential stuffing, where attackers try the same password across multiple services.
Next, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com/Passwords) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.
Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.
2) Turn on phishing-resistant 2FA
AI platforms have become prime targets, so they rely on stronger 2FA. Use an authenticator app or a hardware security key. SMS codes can be intercepted or redirected, which makes them unreliable during large-scale phishing campaigns.
3) Use strong antivirus software
Another important step you can take to protect yourself from phishing attacks is to install strong antivirus software on your devices. This can also alert you to phishing emails and ransomware scams, helping you keep your personal information and digital assets safe.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com.
PARENTS BLAME CHATGPT FOR SON’S SUICIDE, LAWSUIT ALLEGES OPENAI WEAKENED SAFEGUARDS TWICE BEFORE TEEN’S DEATH
4) Limit what personal or sensitive data you share
Think twice before pasting private conversations, company documents, medical notes or addresses into a chat window. Many AI tools store recent history for model improvements unless you opt out, and some route data through external vendors. Anything you paste could live on longer than you expect.
5) Use a data-removal service to shrink your online footprint
Attackers often combine leaked metadata with information they pull from people-search sites and old listings. A good data-removal service scans the web for exposed personal details and submits removal requests on your behalf. Some services even let you send custom links for takedowns. Cleaning up these traces makes targeted phishing and impersonation attacks much harder to pull off.
While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.
Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.
6) Treat unexpected support messages with suspicion
Attackers know users panic when they hear about API limits, billing failures or account verification issues. If you get an email claiming to be from an AI provider, do not click the link. Open the site manually or use the official app to confirm whether the alert is real.
Events like this show why strengthening your personal security habits matters more than ever. (Kurt “CyberGuy” Knutsson)
7) Keep your devices and software updated
A lot of attacks succeed because devices run outdated operating systems or browsers. Regular updates close vulnerabilities that could be used to steal session tokens, capture keystrokes or hijack login flows. Updates are boring, but they prevent a surprising amount of trouble.
8) Delete accounts you no longer need
Old accounts sit around with old passwords and old data, and they become easy targets. If you’re not actively using a particular AI tool anymore, delete it from your account list and remove any saved information. It reduces your exposure and limits how many databases contain your details.
Kurt’s key takeaway
This breach may not have touched chat logs or payment details, but it shows how fragile the wider AI ecosystem can be. Your data is only as safe as the least secure partner in the chain. With ChatGPT now approaching a billion weekly users, that chain needs tighter rules, better oversight and fewer blind spots. If anything, this should be a reminder that the rush toward AI adoption needs stronger policy guardrails. Companies cannot hide behind transparent emails after the fact. They need to prove that the tools you rely on every day are secure at every layer, including the ones you never see.
Do you trust AI platforms with your personal information? Let us know by writing to us at Cyberguy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.
Copyright 2025 CyberGuy.com. All rights reserved.
Xbox just allcapsmaxxed: Meet XBOX. This isn’t a joke; Microsoft appears to be actually rebranding Xbox to XBOX. Asha Sharma, Xbox CEO, ran a poll on X earlier this week, asking fans whether Microsoft should use Xbox or XBOX. The results were in favor of XBOX, and the company has now renamed its X account.
Curiously, the Threads and Bluesky accounts for Xbox haven’t been renamed yet, but if Microsoft is going ahead with a rebranding then I expect those will change soon. I asked Microsoft to comment on this potential Xbox rebranding and the company simply referred me to Sharma’s post.
The use of all caps for Xbox is a return to original form, though. Microsoft’s first Xbox logo for its console was all caps, and the company has favored using similar capped versions for the Xbox 360, Xbox One, and Xbox Series X / S console logos.
The apparent rebranding comes just a few weeks after Sharma scrapped Microsoft Gaming and renamed Microsoft’s gaming division back to Xbox. It’s part of Sharma’s continued promise of a “return of Xbox,” which has involved fan-focused console updates, a new Xbox logo, Game Pass pricing changes, and lots more in recent weeks.
NEWYou can now listen to Fox News articles!
Artificial intelligence (AI) already shows up in your phone, your searches and plenty of apps you use every day. Now, some Silicon Valley investors are betting the machines behind those AI answers could one day run at sea.
A company called Panthalassa has raised $140 million in new funding to develop and deploy autonomous, floating AI computing nodes powered by ocean waves. The Series B round brings Panthalassa’s total funding to $210 million, a sign that investors are taking this ocean-based AI idea seriously. The round was led by Peter Thiel, the Palantir co-founder, and the company says the money will help complete a pilot manufacturing facility near Portland, Oregon. Panthalassa also plans to deploy its Ocean-3 pilot node series in the northern Pacific Ocean later in 2026.
Instead of building another giant AI data center on land, Panthalassa wants to place computing power out at sea. Ocean waves would generate electricity. Seawater would help with cooling. Onboard computing systems would process AI prompts and send the results back to land through low-Earth-orbit satellites.
Sign up for my FREE CyberGuy Report
LOWERING YOUR ELECTRIC BILL COULD BE FLOATING IN THE OCEAN
- Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
- For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
- Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.
META BUILDS WORLD’S LARGEST AI SUPERCLUSTERS FOR THE FUTURE
Panthalassa’s Ocean-2 prototype rides in open water during testing, giving a real-world look at the kind of floating wave-energy system behind the company’s ocean AI plan. (Panthalassa)
How AI data centers at sea could work
Panthalassa’s floating nodes are designed to capture wave motion and turn it into electricity. The company says it has spent a decade developing the technology behind its power generation, onboard computing and autonomous ocean operations. Its earlier Ocean-1, Ocean-2 and Wavehopper prototypes were tested in 2021 and 2024. Think of each node like a floating power station with AI hardware inside. Waves move the system. That motion helps drive a generator. The power then feeds the onboard chips.
WHY AI IS CAUSING SUMMER ELECTRICITY BILLS TO SOAR
The company’s plan is to use those chips for AI inference. That is the part of AI where a model responds to your prompt after it has already been trained. In simple terms, it is what happens when you ask a chatbot a question and get an answer back. That makes the ocean plan a little easier to understand. Training massive AI models requires huge data movement and tight coordination. Answering prompts may be more realistic for a floating node, at least in some situations.
Why AI data centers are moving offshore
AI data centers need huge amounts of electricity. They also need space, cooling systems and local support from communities that may not want a massive facility nearby. Those problems have pushed companies to look for unusual answers. Ocean-based computing is one of them.
Panthalassa says its nodes would operate far from shore in wave-rich parts of the ocean. The goal is to use that wave energy directly onboard instead of sending the power back to land. “We’ve built a technology platform that operates in the planet’s most energy-dense wave regions, far from shore, and turns that resource into reliable clean power,” said Garth Sheldon-Coulson, Panthalassa’s co-founder and CEO.
A SUPERCOMPUTER CHIP GOING TO SPACE COULD CHANGE LIFE ON EARTH
The ocean also offers cold surrounding water. That could help cool the chips onboard. Cooling is a major issue because data centers produce a lot of heat. Panthalassa is taking a different path from traditional land-based data centers. Instead of pulling more power from the grid, it wants floating nodes that generate their own electricity from waves.
A SUPERCOMPUTER CHIP GOING TO SPACE COULD CHANGE LIFE ON EARTH
The Ocean-2 prototype sits inside a coastal facility, showing the size and shape of Panthalassa’s floating node before deployment at sea. (Panthalassa)
The satellite problem for ocean AI data centers
The ocean may help with power and cooling, but it creates another problem: connection. Traditional data centers rely on high-capacity fiber-optic connections because they need to move huge amounts of data fast. A floating node far out at sea may depend on low-Earth-orbit satellite links. That can work for some AI responses, but it may be slower and more limited than fiber.
SOLAR DEVICE TRANSFORMS USED TIRES TO HELP PURIFY WATER SO THAT IT’S DRINKABLE
The challenge grows when multiple nodes need to work together. AI systems often depend on fast communication between chips, servers and storage. If those parts are floating in the ocean and talking by satellite, coordination gets harder. That means AI data centers at sea may not replace land-based data centers anytime soon. They may be better suited for certain AI tasks where the model can live onboard, and the response does not require constant back-and-forth with other machines.
Repairing floating AI nodes could be difficult
There is another practical question: What happens when something breaks? A land-based data center can send in technicians. A floating AI node in rough seas may need a ship, special equipment and the right weather window. That adds cost and delay.
Panthalassa says it is developing autonomous systems meant for harsh ocean conditions. Its press release says Ocean-3 testing is meant to demonstrate AI inference and refine manufacturing before commercial deployments in 2027. Still, the ocean is brutal. Saltwater eats away at equipment. Storms can turn a routine repair into a major operation. Constant motion also puts stress on the hardware. For this plan to work, Panthalassa will have to show that each node can keep running for years in harsh ocean conditions without frequent human repairs.
WHY AI IS CAUSING SUMMER ELECTRICITY BILLS TO SOAR
Panthalassa’s Ocean-2 prototype is transported by barge, a reminder that building AI infrastructure at sea also means solving major deployment and maintenance challenges. (Panthalassa)
Ocean data centers have been tested before
Ocean data centers are not new. Microsoft experimented with underwater data center servers through Project Natick, including tests in 2015 and 2018. Those tests showed that sealed underwater servers could run reliably while using seawater for cooling, with Microsoft reporting a lower failure rate than comparable land-based systems. Microsoft later ended the project.
Chinese companies have also reportedly pushed ahead with underwater data center projects near Hainan and Shanghai. Keppel has explored floating data center designs in Singapore, where land constraints make the concept especially attractive. Panthalassa’s plan goes in a different direction. It combines wave power with onboard AI chips and satellite-based results. It also depends on floating nodes that would need to operate far from the kind of support a normal data center gets. That is why the idea is getting attention. It is also why skepticism is fair.
FOX NEWS AI NEWSLETTER: SCAMMERS CAN EXPLOIT YOUR DATA FROM JUST 1 CHATGPT SEARCH
What AI data centers at sea mean for you
For now, this will not change how your phone or computer works. You will not suddenly see a “powered by ocean waves” label on your favorite AI app. But the bigger picture affects everyone. AI needs an incredible amount of electricity. As more companies add AI tools to their products, they need more places to run those systems. That pressure can affect energy grids, water use, local battles over new data centers and even your utility bills over time.
Panthalassa argues its approach could reduce the need for new data centers and power plants on land. That could ease pressure on local communities and the grid, but the company still has to prove the system can work reliably at sea. If ocean-based AI moves beyond testing, it could also raise fresh questions about marine maintenance, environmental oversight and who controls computing infrastructure in international waters.
Take my quiz: How safe is your online security?
Think your devices and data are truly protected? Take this quick quiz to see where your digital habits stand. From passwords to Wi-Fi settings, you’ll get a personalized breakdown of what you’re doing right and what needs improvement. Take my Quiz here: Cyberguy.com
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Kurt’s key takeaways
Everyone is using AI on their phones and computers these days, but the heavy lifting often happens in huge data centers behind the scenes. That is why Panthalassa’s ocean plan is getting attention. The company wants to use waves for power and seawater for cooling. The hard part is proving that floating AI nodes can survive rough seas, limited satellite links and complicated maintenance. If Panthalassa can pull it off, ocean-based AI could become part of the tech we use every day. If it cannot, it may show just how difficult it is to keep feeding AI’s growing demand for power.
If this kind of ocean-powered AI takes off, would you worry about what these floating nodes could mean for our oceans? Let us know by writing to us at Cyberguy.com
Sign up for my FREE CyberGuy Report
- Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
- For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
- Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.
Copyright 2026 CyberGuy.com. All rights reserved.
OpenAI announced yet another reorganization Friday, consolidating certain areas and making company president Greg Brockman the official lead of all things product.
In a memo viewed by The Verge, Brockman wrote that since OpenAI’s product strategy for this year is to go all-in on AI agents, the company is combining its products to “invest in a single agentic platform and to merge ChatGPT and Codex into one unified agentic experience for all.”
To do this, the company is making a suite of org chart changes, although it’s still operating under some of the same ones from last month. That’s when AGI boss Fidji Simo went on medical leave and OpenAI announced that Brockman would be in charge of product strategy and CSO Jason Kwon, CFO Sarah Friar, and CRO Denise Dresser would take control of business operations.
It’s all part of OpenAI’s recent strategic shift to focus on key revenue drivers like coding and enterprise and stop pouring resources into “side quests” ahead of its potential IPO later this year and amid investor pressure to turn a profit.
In Simo’s continued absence, Brockman’s role leading product strategy is now official, as well as the company’s “scaling” arm. Under Brockman will be four different pillars. The first is core product and platform, led by Thibault Sottiaux, who has been OpenAI’s engineering lead for Codex, and the second is critical enterprise industries, led by ChatGPT head Nick Turley. Third is the consumer pillar, such as health, commerce, and personal finance, which will be led by Ashley Alexander, who has been its healthcare products VP. The fourth pillar — core infrastructure, ads, data science, and growth — will be led by Vijaye Raji, who has been OpenAI’s CTO of applications.
Brockman wrote in the memo that OpenAI’s goal is now to “bring agents to ChatGPT scale, in order to give individuals and organizations significantly more value and utility from our products.”
-
Illinois4 minutes agoIllinois State Police release video of deadly shooting involving ISP troopers on South Side
-
Indiana10 minutes agoIndiana Peony Festival rescheduled due to storms
-
Iowa16 minutes ago‘Viral’ mac and cheese bar expanding in Iowa with new Waukee store
-
Kansas22 minutes ago‘We just wanted it more’: How Kansas City became unlikely World Cup hosts
-
Kentucky28 minutes agoKentucky Wildcats News: UK on the recruiting trail
-
Louisiana34 minutes agoRepublican Louisiana senator in tough primary after Trump backs opponent
-
Maine40 minutes agoOpinion: Experience should matter in Maine’s Senate primary
-
Maryland46 minutes agoGovernor Moore Highlights Military Infrastructure and Small Business Investment during “Delivering for Maryland” Tour in Harford County