OpenAI confirms supply‑chain breach

OpenAI said on May 14 that two employee devices were compromised in the recent TanStack software supply-chain attack, adding a security incident to a fresh privacy lawsuit filed against the ChatGPT maker the same day. The company said it found no evidence that user data, production systems or intellectual property were accessed. As a precaution, OpenAI said it rotated code-signing certificates tied to affected applications. The disclosures came as plaintiffs and security researchers published new details about separate risks tied to OpenAI’s software and web operations. ### How did the TanStack attack reach OpenAI? OpenAI said two employees installed a compromised TanStack package, which gave the attacker access to two employee devices during the broader npm ecosystem attack. The company said the affected credentials were revoked and the impacted machines were remediated. (bleepingcomputer.com) TanStack said 42 official `@tanstack/*` packages were affected and listed patched versions in a GitHub security advisory published this week. The advisory said the malware could exfiltrate cloud credentials, GitHub tokens and SSH keys from infected environments. ### What did OpenAI say was not affected? OpenAI said it found no evidence that user data was breached in the incident. (bleepingcomputer.com) The company also said it found no evidence that its production systems or intellectual property were compromised. Reuters reported on May 14 that OpenAI had rotated code-signing certificates after the incident. (github.com) PCMag separately reported that OpenAI told Mac users to update their apps after the attack. ### What was the broader TanStack incident? GitHub’s advisory said malicious versions were published for dozens of TanStack packages and that organizations should treat any CI pipeline that installed affected packages between 19:20 and 19:30 UTC on May 11 as compromised. (bleepingcomputer.com) The advisory said defenders should rotate any secrets those runners could access. (msn.com) Security reporting this week described the TanStack event as part of a wider campaign targeting open-source package ecosystems. Those reports said the malicious releases were pushed in a short burst and were designed to steal credentials from developer environments. ### What does the new lawsuit accuse OpenAI of doing? (github.com) A proposed class action filed on May 14 accuses OpenAI of sharing ChatGPT user queries and related personal information with Meta and Google through website tracking tools embedded on ChatGPT.com. The complaint seeks damages and court oversight, according to reports on the filing. (theregister.com) The plaintiff is identified in reports on the complaint as Amargo Couture, who alleges that Facebook Pixel and Google Analytics transmitted chat query topics and user-linked information without consent. The reports say the case was filed in federal court in California. ### What happens next for users and developers? (finance.yahoo.com) OpenAI said affected applications had their code-signing certificates rotated, and users were urged in outside reporting to install updates where available. TanStack’s advisory lists the compromised package versions and the patched releases developers should move to immediately. (thedeepdive.ca) The lawsuit filed on May 14 will next move through the federal court process, where OpenAI can respond to the complaint and the court can decide whether the proposed class can proceed. Developers, meanwhile, can review TanStack’s GitHub advisory for the affected versions and remediation steps. (github.com) (bleepingcomputer.com)