What Happens When an AI Company Falls Victim to a Software Supply Chain Vulnerability

On March 20th, 2023, OpenAI took down the popular generative AI tool ChatGPT for a few hours. It later admitted that the reason for the outage was a software supply chain vulnerability that originated in the open-source in-memory data store library ‘Redis.’  

As a result of this vulnerability, there was a time window (between 1 a.m. and 10 a.m. PST on March 20) during which users could accidentally access other users’ chat history titles, and payment-related information such as names, email addresses, payment addresses, credit card type and the last four digits of the payment card number was possibly exposed.

This article has been indexed from DZone Security Zone
