Ruh-roh! An article today states that there are over 100,000 stolen ChatGPT account credentials being sold on dark web marketplaces!

The article from The Hacker News (Over 100,000 Stolen ChatGPT Account Credentials Sold on Dark Web Marketplaces, written by Ravie Lakshmanan and available here), states that over 101,100 compromised OpenAI ChatGPT account credentials have found their way on illicit dark web marketplaces between June 2022 and May 2023, with India alone accounting for 12,632 stolen credentials.

The credentials were discovered within information stealer logs made available for sale on the cybercrime underground, Group-IB said in a report shared with The Hacker News.

“The number of available logs containing compromised ChatGPT accounts reached a peak of 26,802 in May 2023,” the Singapore-headquartered company said. “The Asia-Pacific region has experienced the highest concentration of ChatGPT credentials being offered for sale over the past year.”

Other countries with the most number of compromised ChatGPT credentials include Pakistan, Brazil, Vietnam, Egypt, the U.S., France, Morocco, Indonesia, and Bangladesh.

A further analysis has revealed that the majority of logs containing ChatGPT accounts have been breached by the notorious Raccoon info stealer (78,348), followed by Vidar (12,984) and RedLine (6,773).

Information stealers have become popular among cybercriminals for their ability to hijack passwords, cookies, credit cards, and other information from browsers, and cryptocurrency wallet extensions.

“Logs containing compromised information harvested by info stealers are actively traded on dark web marketplaces,” Group-IB said.

“Many enterprises are integrating ChatGPT into their operational flow,” Dmitry Shestakov, head of threat intelligence at Group-IB, said.

“Employees enter classified correspondences or use the bot to optimize proprietary code. Given that ChatGPT’s standard configuration retains all conversations, this could inadvertently offer a trove of sensitive intelligence to threat actors if they obtain account credentials.”

To mitigate such risks, it’s recommended that users follow appropriate password hygiene practices and secure their accounts with two-factor authentication (2FA) to prevent account takeover attacks.

With close to a billion users a month now on ChatGPT, it’s not surprising that hackers are targeting its users. Just like Willie Sutton said he robbed banks because that’s where the money is, they’re targeting ChatGPT because that’s where the users are.

Hat tip to Project Counsel Media for the original coverage earlier today. They also covered a second story this morning about OpenAI – look for my coverage of that one tomorrow! Cliffhanger alert!

So, what do you think? Are you surprised that there are over 100,000 stolen ChatGPT account credentials being sold on dark web marketplaces? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the authors and speakers themselves, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.