The company emphasized transparency in its announcement, assuring users that the breach did not compromise OpenAI’s own systems, chat content, API keys, passwords, credentials, or payment information.
On November 9, 2025, Mixpanel detected unauthorized access to a portion of its systems. The attacker exported an analytics dataset that included identifiable information of some OpenAI API users.
Mixpanel notified OpenAI about the situation, and OpenAI launched an internal investigation. On November 25, 2025, Mixpanel confirmed the details of the affected dataset with OpenAI.
Notably, only users of the API platform (platform.openai.com) were potentially impacted. Those who use ChatGPT or other OpenAI products were not affected.
The incident involved the following information: Name provided on the OpenAI API account, Email address, Approximate location (city, state, country) based on browser info.
Operating system and browser used, Referring websites, Organization or user IDs linked to the account. There was no exposure of chat or API content, passwords, payment details, or government IDs.
After learning about the incident, OpenAI removed Mixpanel from its production environment and performed a thorough review of the affected datasets.
They are directly notifying all organizations, administrators, and users who may have been impacted.
OpenAI stated they found no evidence that any data beyond Mixpanel’s systems was affected, but they are actively monitoring for any misuse.
OpenAI has ended its engagement with Mixpanel and is conducting additional security reviews with all vendor partners, raising its security standards across the board.
Users should remain alert to potential phishing or social engineering attempts, especially given the involvement of information such as names and email addresses.
Be cautious with unexpected emails or messages, especially those containing links or attachments. Ensure any communications claiming to be from OpenAI come from official domains.
OpenAI will never request your password, API key, or verification code through email or chat. For added protection, enable multi-factor authentication (MFA) on your OpenAI account.
OpenAI reaffirmed its dedication to privacy, security, and transparency as it continues to communicate openly about such incidents.
Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.
The post OpenAI Discloses Mixpanel Data Breach – Name, Email Address and Operating System Details Exposed appeared first on Cyber Security News.
Gong has announced a business update following the end of its most recent quarter. As…
If it isn’t sewage that water firms are leaking into rivers, then it’s your data…
IFS Ultimo has announced that EUROGATE is to deploy its AI-powered Enterprise Asset Management solution…
Engineers are often drowning in data for which they need answers. That often means digging…
Are the EarFun Air Pro 4 Plus the best sub-$100 earbuds around? These new buds,…
If you're looking to expand your library of physical games ahead of summer, we have…
This website uses cookies.