ChatGPT is leaking… again — we shouldn’t be surprised but we should be disturbed

(Image credit: Shutterstock)

OpenAI’s ChatGPT has long been 'dumb', willing to assist in cybercrime, an Icarus analogy for the age and a threat to sensitive company data

However, we need to go all through this again, apparently, as reports are surfacing that the artificial intelligence tool is once again leaking passwords inside, just for the sake of variety, corporate support tickets.

Per Ars Technica, ChatGPT recently served a user chat logs from the support system of a pharmaceutical company, consisting of another user’s  bug report pertaining to a user portal… which contained that user’s credentials.

Clean up on aisle GPT

“I went to make a query [...] and when I returned to access moments later, I noticed the additional conversations. They weren't there when I used ChatGPT just last night. [...] No queries were made—they just appeared in my history, and most certainly aren't from me (and I don't think they're from the same user either)," Ars Technica reader Chase Whiteside told the publication.

Whiteside was also able to glean ‘the name of a presentation someone was working on’, ‘details of an unpublished research proposal’ and, one for the true TechRadar Pro anorak hardcore - a script ‘written’ in PHP, on balance probably stolen from a public Github repository.

What’s interesting / bleak (delete as per worldview) is that, despite ChatGPT not having anything near a spotless record, Whiteside says that they’re ‘a pretty heavy user’ of the service while issuing no signs that this incident, or any ChatGPT-shaped incident that we’ve reported on in the past year or whatever, has given them pause. Ladies, gentlemen and undefined: a dependency in action.

Analysis: I want to throw the intangible concept of AI into a vat of acid, can you help me?

Look, at TechRadar Pro we’re very niche, we know that. You read us, so you already know that ‘artificial intelligence’ isn’t a sentient computer, and it’s just some billionaire force-feeding copyrighted digital works to a CPU to create a corpus to be spat back out at the masses like orange pips following the Heimlich manoeuvre. 

If you put monkeys in a room full of computers, eventually they’ll just control-c + control-v the complete works of Shakespeare. Or, rather, half an act's worth of Romeo and Juliet before telling you that for longer prompt responses you need to pay $20 a month.

Computers don’t really do context, you’re not really talking to a human person. You know this and more, you’re cool, but no-one else does, or no-one else cares about the damage ‘AI’ is doing, or perhaps a bit of both.

It seems like every week the average age of a person asking me ‘what’s AI I don’t get it but I mainline it daily so want to get it’ increases, while my success rate at communicating what it is, the profiteering cynicism behind it, and the resulting harm caused by it, in realistic terms, decreases. Reliably, I’m met with ‘Dunno, makes my life easier,’ or some variation thereof. 

‘Just a bit of cheeky leakage of user data, mate,’ is increasingly the stance of your mum posting a status to Facebook saying that she does NOT give Mark Zuckerberg permission to use her private posts or personal data before going on to post blurry close-up snaps of a new mole on her thigh that’s concerning her. This is probably why we get the governments that we do.

I have the sneakiest feeling that I’ve written about blind tech subservience before, so what am I saying? In this ye olde apple piety medicine show world, tell them the truth: that AI chatbots can threaten, swear, and be racist (a not-safe-for-work but absolutely on point headline from The Verge, there.) 

Don’t tell them that this is simply a machine learning from their abysmal behaviour and reflecting it back at them, even though it is that. Literally so in Whiteside’s case, who was met with our anonymous bug reporter exclaiming ‘this is so f-ing insane’ at a living, breathing customer service agent. 

Tell them to think of the children. It’ll be banned in a fortnight.

More from TechRadar Pro

Luke Hughes
Staff Writer

 Luke Hughes holds the role of Staff Writer at TechRadar Pro, producing news, features and deals content across topics ranging from computing to cloud services, cybersecurity, data privacy and business software.