OpenAI now offers up to $20,000 to find security flaws in ChatGPT


Microsoft-owned OpenAI, the developer of ChatGPT, is now offering security researchers up to $20,000 to help the company differentiate between benign hacking and malicious attacks, after it suffered a security breach last month. Was.

OpenAI has launched a bug bounty program for ChatGPT and other products, stating that the initial priority rating for most findings will use the ‘BugCrowd Vulnerability Rating Taxonomy’.

“Our rewards range from $200 for low-severity findings to $20,000 for extraordinary discoveries,” said the AI ​​research company.

“However, vulnerability priority and reward may be modified based on likelihood or impact at OpenAI’s sole discretion. In cases of downgraded issues, researchers will receive a detailed explanation,” it added.

However, security researchers are not authorized to perform security testing on plugins created by other people.

OpenAI is also asking ethical hackers to protect confidential OpenAI corporate information that may be exposed through third parties.

Some examples of this category include Google Workspace, Asana, Trello, Jira,, Zendesk, Salesforce, and Stripe.

“You are not authorized to conduct additional security testing against these companies. Testing is limited to discovering confidential OpenAI information while complying with all laws and applicable terms of service. These companies are examples, and OpenAI does not necessarily do business with them.” ,” informed the company.

Last month, OpenAI acknowledged that some users’ payment information may have been exposed when it took ChatGPT offline due to a bug.

According to the company, a bug in the open-source library caused it to take ChatGPT offline, allowing some users to view titles from another active user’s chat history.

OpenAI found that the same bug may have caused the inadvertent visibility of “payment information for 1.2 percent of ChatGPT Plus customers who were active during a specific nine-hour period”.

The bug is addressed in the redis client open-source library called “redis-p”.


The post OpenAI Now Offering Up to $20,000 to Find Security Flaws in ChatGPT appeared first on Techlusive.

Read full article here

Leave a Reply