<img height="1" width="1" style="display: none" alt="" src="https://px.ads.linkedin.com/collect/?pid=1098858&amp;fmt=gif">

Hackers Are Using Fake OpenAI Organizations to Silently Steal Your Work Data

Hackers exploit OpenAI's notification system to lure employees into fake organizations, accessing sensitive data without detection.
Content Team

Security researchers at Push Security have uncovered a new attack where hackers create fake OpenAI organizations — impersonating real companies — and send employees legitimate-looking invitations straight from OpenAI's own notification system. One click joins the victim to an attacker-controlled tenant with zero additional verification.

Once inside, anything the employee does — prompts, uploaded files, API calls — is visible to the attacker. The fake org even had a credit card attached to avoid suspicion. No spoofed domains, no malicious links. Just a trusted platform being weaponized against its own users.

Source: Cybersecurity News

Share this article
Share on facebook Share on linkedin Share on twitter Share on email
blog_book_a_demo_cta_3x
Have questions about protecting your software?
Our escrow experts are standing by to help.
Book a free demo