Westwp logo web security

Are you exposed? 100,000 Stolen ChatGPT Credentials Available on Dark Web

Table of Contents

The recent revelation of a massive leak involving over 100,000 compromised ChatGPT credentials has sent shockwaves through the digital landscape.

Dark web marketplaces have become the breeding ground for cybercriminals who exploit vulnerabilities to sell stolen information.

This breach, which occurred from June 2022 to May 2023, has profoundly impacted countries worldwide, with India alone leading with 12,632 compromised accounts details.

The scale of this incident underscores the critical importance of prioritizing robust security measures and proactive defense strategies.

The Alarming Numbers

Between June’22 to May’23, 101000 plus compromised OpenAI ChatGPT account credentials leaked their way onto illicit dark web marketplaces.

Group-IB, a Singapore-headquartered cybersecurity company, shared a report to The Hacker News, revealing the full extent of the breach.


Notably, the number of logs containing compromised ChatGPT login details peaked at 26,802 in May 2023.

The Asia-Pacific region emerged as the epicenter of this cybercrime wave, with a notable amount of stolen ChatGPT credentials being offered for sale.

Countries Most Affected

Several countries experienced significant impacts due to compromised ChatGPT credentials.

Alongside India, there are other countries, including Pakistan, Egypt, Brazil, Vietnam, the United States, France, Morocco, Indonesia, and Bangladesh. The breadth of this breach highlights the global reach and indiscriminate nature of cybercriminal activities.

ChatGPT credentials compromised by countries

Info Stealers at Play 

A deeper analysis of the compromised logs containing ChatGPT accounts reveals the involvement of notorious info stealers.

Most breaches can be attributed to the Raccoon info stealer, compromising an alarming 78,348 accounts.

Vidar followed closely with 12,984 compromised accounts, while RedLine accounted for 6,773 breaches.

Info stealers have gained popularity in recent times among cybercriminals due to their ability to extract valuable personal information from browsers and cryptocurrency wallet extensions.

The Dark Web’s Role

The dark web continues to provide a thriving marketplace for cybercriminal activities.

Data containing compromised info harvested by the stealers are actively traded and sold on illicit platforms.

Despite efforts by law enforcement agencies to curb such transactions, the dark web remains a hotbed of illegal activities, facilitating the exchange of sensitive data.

Risks and Vulnerabilities of ChatGPT Integration

Enterprises have increasingly integrated ChatGPT into their operational workflows, inadvertently exposing themselves to potential risks. Employees often enter classified details and correspondences or utilize the bot to optimize proprietary code.

However, ChatGPT’s default configuration of retaining all conversations becomes a treasure of sensitive intelligence for threat actors who gain access to compromised account credentials.

Mitigating the Risks

Users must adhere to best security practices to avoid the risks associated with ChatGPT integration.

Following appropriate password hygiene measures and adopting two-factor authentication (2FA) is essential to preventing account takeovers and such attacks.

These measures significantly enhance the security posture and protect against unauthorized access.

OpenAI’s Response and Best Practices

OpenAI, the parent company of ChatGPT, promptly responded to the breach.

They emphasized that the incident was not a result of an OpenAI breach but rather the consequence of commodity malware on users’ devices.

OpenAI maintains the industry’s best practices for authenticating and authorizing users, and they strongly encourage users to utilize strong passwords and install only verified and trusted software on their personal computers.

Key Takeaways

  • Over 100,000 ChatGPT account credentials have been compromised and sold on dark web marketplaces, with India being the most affected country.
  • Info stealers like Raccoon, Vidar, and RedLine played a significant role in the breaches, targeting passwords, cookies, credit cards, and other vital information.
  • The breach remains ongoing, with the highest of 26,802 compromised ChatGPT account logs in May 2023.
  • OpenAI emphasizes the need for enhanced security practices and assures users that the breach does not result from an OpenAI breach.


The recent massive leak of over 101,000+ compromised ChatGPT account credentials is a wake-up call for enhanced security practices in our increasingly digital world.

Cybercriminals continue to exploit vulnerabilities, with dark web marketplaces being the platform for trading stolen information.

The involvement of info stealers like Raccoon highlights the ever-present threat to sensitive data.