OpenAI Finds No Evidence of Breach After Hacker Claims to Sell 20 Million Credentials
A hacker recently claimed to have 20 million OpenAI account credentials for sale, but security analysts believe the data comes from information-stealing malware, not a breach of OpenAI’s systems.
This incident once again highlights the growing danger of infostealer malware, which silently harvests login credentials and other sensitive data from infected devices. While OpenAI has denied any breach, users should take steps to protect their accounts from potential compromise.
Table of Contents
Hacker Claims to Have 20 Million OpenAI Credentials
A cybercriminal using the alias ‘emirking’ recently posted on BreachForums, a well-known underground forum, claiming to have obtained a massive trove of OpenAI account credentials. The hacker suggested that these credentials were up for sale, raising concerns about a potential data breach at OpenAI.
However, OpenAI quickly investigated the claims and told SecurityWeek that they found no evidence of their systems being compromised.
“We take these claims seriously. We have not seen any evidence that this is connected to a compromise of OpenAI systems to date,” a company spokesperson stated.
Malware, Not a Breach: How the Credentials Were Stolen
Cybersecurity firm Kela conducted an in-depth analysis of the sample data and determined that the stolen credentials originated from information-stealing malware, not OpenAI’s internal systems.
According to Kela:
- The credentials were cross-checked with their database of over one billion compromised accounts.
- The stolen credentials likely came from popular infostealer malware such as Redline, RisePro, StealC, Lumma, and Vidar.
- These credentials appear to be part of a larger dataset scraped from multiple sources selling stolen login details.
This suggests that the OpenAI account credentials were collected from users who had malware-infected devices rather than from OpenAI’s servers.
Hacker’s Post Mysteriously Disappears
Shortly after the hacker’s claim gained attention, the BreachForums post advertising the OpenAI credentials was deleted. While it’s unclear why the post was removed, it’s common for cybercriminals to exaggerate or fabricate claims to attract buyers on underground markets.
BreachForums has a history of being used by hackers to sell stolen data from major companies, but many of these claims turn out to be false or misleading.
How to Protect Your OpenAI Account from Credential Theft
Even though OpenAI itself wasn’t breached, users should remain vigilant about protecting their accounts. Here’s what you can do to stay safe:
🔹 Enable Two-Factor Authentication (2FA): This adds an extra layer of security, preventing attackers from accessing your account even if they have your password.
🔹 Use Unique, Strong Passwords: Avoid reusing passwords across multiple sites. A password manager can help generate and store complex passwords securely.
🔹 Beware of Infostealer Malware: Infostealers often hide in pirated software, malicious email attachments, and fake downloads. Be cautious about what you install.
🔹 Regularly Monitor Your Accounts: Check for any suspicious activity and update your passwords if needed.
🔹 Scan Your Device for Malware: Use reputable antivirus and anti-malware tools to detect and remove any potential threats.
Final Thoughts
While the claim of 20 million compromised OpenAI accounts may have been overblown, this incident underscores the dangers of infostealer malware. Attackers don’t always need to breach a company’s servers to steal your data—they can get it directly from your infected device.
With cyber threats evolving rapidly, staying proactive about security is more important than ever. Whether you use OpenAI tools or any other online service, strong passwords, 2FA, and malware protection are your best defense against credential theft.
Want to check if your email or passwords have been leaked? Consider using a service like Have I Been Pwned to see if your credentials are floating around in hacker forums.
