OpenAI certificate episode
OpenAI denied any user-data breach after an Axios developer-tool compromise and asked macOS users to update apps while security certificates were rotated. The company framed the communications as precautionary updates for users during the certificate rotation process. (moneycontrol.com)
OpenAI said on April 11 that it found no evidence any user data was accessed after a compromised developer tool touched part of its macOS app-signing workflow. (openai.com) The company said the issue began on March 31, 2026, when a GitHub Actions workflow in its macOS signing process downloaded a malicious version of Axios, version 1.14.1, during a broader software supply chain attack. That workflow had access to a certificate and notarization material used to sign ChatGPT Desktop, Codex, Codex-cli, and Atlas for Apple computers. (openai.com)
A code-signing certificate is the digital stamp that tells macOS an app really came from a named developer. OpenAI said it rotated those certificates and asked all macOS users to update to the latest OpenAI app versions to reduce the chance that a fake app could appear legitimate. (openai.com) OpenAI said it found no evidence its systems or intellectual property were compromised and no evidence its software was altered. The company described the app updates as a precaution while the new certificates replaced the old ones. (openai.com)
The company also published new allowlist details for managed Apple devices, including the same Team ID, 2DC432GLL2, a changed organization name, “OpenAI OpCo, LLC,” and new certificate fingerprints for security teams that verify app signatures. (help.openai.com) OpenAI’s help center separately warned some organizations using Cloudflare Zero Trust that outdated certificate rules could block access to the ChatGPT Mac or iOS apps until firewall policies were updated. It said the issue should not affect the web client, Windows, or Android users. (help.openai.com)
Axios reported that the attack could have let hackers steal a certificate that would make a fake OpenAI app look authentic, though OpenAI said it had not seen that happen. CNBC reported the company made the same point publicly on April 11, saying it had identified the issue but saw no sign user data had been accessed. (axios.com) (cnbc.com)
For users, the immediate step is narrow: update OpenAI apps on macOS and, for workplace-managed Macs, refresh any certificate-based allowlists. OpenAI’s account of the episode is that the risk sat in software trust labels, not in a breach of ChatGPT accounts or customer data. (openai.com) (help.openai.com)
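For security teams refreshing those allowlists, the following added example (not from OpenAI or the article) checks the signer fields in `codesign -dvv` output against the Team ID and organization name quoted above. The function name, result labels and sample outputs are constructed for illustration, and the expected form of the leaf certificate name is an assumption.

```shell
#!/bin/sh
# Values as listed on the page. Certificate fingerprints are not reproduced
# on the page, so this check does not cover them.
EXPECTED_TEAM_ID="2DC432GLL2"
EXPECTED_ORG="OpenAI OpCo, LLC"

# Reads `codesign -dvv <app>` output on stdin (codesign writes it to stderr).
# Returns 0 = matches allowlist, 1 = signed by something else, 2 = no signer info.
check_signature() {
    input=$(cat)
    team=$(printf '%s\n' "$input" | sed -n 's/^TeamIdentifier=//p' | head -n 1)
    # The first Authority line is the leaf (signing) certificate.
    leaf=$(printf '%s\n' "$input" | sed -n 's/^Authority=//p' | head -n 1)
    if [ -z "$team" ] || [ -z "$leaf" ] || [ "$team" = "not set" ]; then
        echo "NO_SIGNER_INFO"; return 2
    fi
    if [ "$team" != "$EXPECTED_TEAM_ID" ]; then
        echo "TEAM_ID_MISMATCH"; return 1
    fi
    # Assumption: the leaf common name has the usual Developer ID form.
    if [ "$leaf" != "Developer ID Application: $EXPECTED_ORG ($EXPECTED_TEAM_ID)" ]; then
        # Same Team ID, different name: the Team ID alone cannot tell a
        # pre-rotation certificate from a post-rotation one.
        echo "ORG_NAME_MISMATCH"; return 1
    fi
    echo "OK"; return 0
}

# Constructed sample outputs (not captured from real apps).
SAMPLE_CURRENT='Executable=/Applications/Example.app/Contents/MacOS/Example
Authority=Developer ID Application: OpenAI OpCo, LLC (2DC432GLL2)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
TeamIdentifier=2DC432GLL2'
SAMPLE_OTHER_NAME='Authority=Developer ID Application: Constructed Former Name (2DC432GLL2)
Authority=Developer ID Certification Authority
TeamIdentifier=2DC432GLL2'
SAMPLE_ADHOC='Signature=adhoc
TeamIdentifier=not set'

printf '%s\n' "$SAMPLE_CURRENT" | check_signature   # prints OK
```

On a Mac, feed it real output with `codesign -dvv /Applications/<App>.app 2>&1 | check_signature`. The `-d` option only displays signer fields, so pair it with `codesign --verify --strict` to confirm the signature itself validates.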