OpenAI confirms Mixpanel security incident exposed limited user data

OpenAI exposes that breached dataset involves limited account-related information for only some of API users
Pareesa Afreen Pareesa Afreen - Pareesa Afreen Nov 27, 2025
An image of OpenAI logo is seen in this illustration taken May 20, 2024. — Reuters
An image of OpenAI logo is seen in this illustration taken May 20, 2024. — Reuters  

OpenAI has disclosed a security incident involving Mixpanel, a third-party analytics provider that was used previously on the frontend interface of its API platform. The company said that the breach happened within Mixpanel's systems, not OpenAI's, and no sensitive API data or user content was compromised.

According to OpenAI, Mixpanel informed them on November 9 that an unauthorised actor had gained access to part of its internal systems and exported an analytics dataset. Mixpanel shared the affected data with OpenAI on November 25, thus confirming the scope of exposure.

According to OpenAI, the issue did not involve ChatGPT users or any of its other consumer products; moreover, no chat history, API requests, passwords, credentials, API keys, payment information, or government IDs were affected.

The exposed dataset involved limited account-related information for only some of the API users on platform.openai.com.

Information potentially exposed includes:

  • Name that was provided to us on the API account
  • Email address associated with the API account
  • Approximate coarse location based on API user browser (city, state, country)
  • Operating system and browser used to access the API account
  • Referring websites
  • Organisation or User IDs associated with the API account

OpenAI has removed Mixpanel from its production systems and is conducting a thorough internal security review alongside its continued investigation with Mixpanel. Affected organisations, admins, and users are being contacted directly.

The company said that no evidence was found that any other system or user data was accessed, but it is enhancing security requirements across its entire vendor ecosystem and conducting an expanded review of all third-party partners.

OpenAI warned that the leaked data could be used for phishing or social engineering and that users should be vigilant for suspicious emails or messages that may appear to be from OpenAI. It issued a reminder that it never requests passwords, API keys, or verification codes via email or chat and suggested enabling multi-factor authentication as an additional security measure.

OpenAI to launch ChatGPT for teachers
OpenAI to launch ChatGPT for teachers
OpenAI lets users control em dash usage in ChatGPT
OpenAI lets users control em dash usage in ChatGPT
Google Gemini may read your Gmail soon: Here’s what you need to know
Google Gemini may read your Gmail soon: Here’s what you need to know
Dubai installs AI noise radars to fine loud vehicles
Dubai installs AI noise radars to fine loud vehicles
Government directs immediate rollout of AI courses in KP schools
Government directs immediate rollout of AI courses in KP schools
ChatGPT getting group chat feature for easy collaboration among friends, family
ChatGPT getting group chat feature for easy collaboration among friends, family
iOS 27 set for 2026 launch with AI search, Siri redesign
iOS 27 set for 2026 launch with AI search, Siri redesign
Nearly nobody can distinguish AI-generated music from human tracks: Survey
Nearly nobody can distinguish AI-generated music from human tracks: Survey
Register now for Google's AI Industry Fellowship in Pakistan, as Nov 14 deadline nears
Register now for Google's AI Industry Fellowship in Pakistan, as Nov 14 deadline nears
FBR uses AI to audit 7m tax returns in 2025
FBR uses AI to audit 7m tax returns in 2025
Gemini for TV rolling out to Google TV Streamer devices: Check if yours is compatible
Gemini for TV rolling out to Google TV Streamer devices: Check if yours is compatible
Google Maps adds AI tools to help you build interactive projects
Google Maps adds AI tools to help you build interactive projects

COPYRIGHT © 2025 GADiNSiDER, All Rights Reserved | Contact Us