ChatGPT fined US$2,829 for exposing 687 S. Korean users’ personal info
SEOUL - The Personal Information Protection Commission (PIPC) of South Korea said Thursday it has imposed a fine of 3.6 million won (US$2,829) on OpenAI, the operator of the generative chatbot ChatGPT, for exposing the personal information of 687 South Korean users.
A now-patched bug in an open-source library on ChatGPT created a caching issue in March, causing the unintentional visibility of payment information of ChatGPT Plus subscribers during a nine-hour window, including first and last names, email addresses, the last four digits of credit card numbers and credit card expiration dates, OpenAI has said.
A total of 687 users in South Korea have been confirmed to be among those affected by the exposure, Yonhap news agency reported.
The PIPC said it has fined OpenAI for breaching its duty to report a leakage to authorities within 24 hours of finding it.
But the privacy watchdog concluded the company cannot be held responsible for lax personal information protection measures.
The watchdog has also recommended OpenAI take measures to prevent a recurrence of the incident, comply with South Korea's personal information protection law and cooperate actively with the commission's prior inspection activities, the commission said. - BERNAMA