Imagine this: you’re a business owner using ChatGPT, an AI-powered tool, to optimize your operations and save time. But what if I told you that over the past year, more than 101,000 ChatGPT user accounts have been compromised by information-stealing malware? That’s right, according to data from dark web marketplaces, these cybercriminals are specifically targeting ChatGPT users like you.
How is this happening?
Information stealers are a type of malware that goes after account data stored on various applications, such as email clients, web browsers, and even AI-powered tools like ChatGPT. These cybercriminals steal credentials from programs’ databases and reverse the encryption of stored secrets. They then package this stolen data into archives, called logs, and send them back to their servers for retrieval.
So, why are ChatGPT accounts being targeted? It’s because users like you are storing valuable information, such as proprietary data, internal business strategies, personal communications, and software code within these accounts. As Group-IB’s Dmitry Shestakov explains, “Many enterprises are integrating ChatGPT into their operational flow. Given that ChatGPT’s standard configuration retains all conversations, this could inadvertently offer a trove of sensitive intelligence to threat actors if they obtain account credentials.”
What does this mean for your business?
Unfortunately, the number of stolen ChatGPT logs has been growing steadily over time. Nearly 80% of all logs come from the Raccoon stealer, followed by Vidar (13%) and Redline (7%). With this rising number of breaches, companies like Samsung have even banned staff from using ChatGPT on work computers, threatening to terminate the employment of those who fail to follow the policy.
If you’re using ChatGPT and inputting sensitive data, consider disabling the chat saving feature from the platform’s settings menu or manually deleting those conversations as soon as you’re done with them. However, it’s important to note that many information stealers take screenshots of infected systems or perform keylogging. So even if you don’t save conversations to your ChatGPT account, malware infection could still lead to a data leak.
What can you do to protect your business?
Those working with extremely sensitive information shouldn’t rely on inputting it into any cloud-based services, but only on secured locally-built and self-hosted tools. Additionally, you should follow industry best practices for authentication and authorization, use strong passwords, and only install verified and trusted software on personal computers.
How Can We Protect Student Data from Cybercriminals Exploiting Vulnerabilities?
As cyber threats continue to evolve, protecting student data is crucial. Recent reports on cybercriminals compromise 45,000 nyc students’ data highlight the need for robust security measures. Implementing strong authentication protocols, regular data backups, and continuous staff training can help safeguard sensitive information. Additionally, investing in advanced cybersecurity software and conducting regular vulnerability assessments can mitigate potential risks. Safeguarding student data is paramount to ensure a secure learning environment.
Need help securing your business?
At ZZ Servers, we understand how crucial cybersecurity is to your business. We’re here to help you protect your valuable data and keep your operations running smoothly. Contact us today to learn how we can assist you in safeguarding your business from cyber threats.