ChatGPT is become a major security and privacy issue because too many of us are absentmindedly sharing our private information on it. ChatGPT logs every conversation you have with it, including any personal data you share. Still, you wouldn’t know this unless you’ve dug through OpenAI's privacy policy, terms of service, and FAQ page to piece it together.

It’s dangerous enough to leak your own information, but given that huge companies are using ChatGPT to process information every day, this could be the start of a data leak disaster.

Samsung Leaked Confidential Information Via ChatGPT

According to Gizmodo, Samsung's employees mistakenly leaked confidential information via ChatGPT on three separate occasions in the span of 20 days. This is just one example of how easy it is for companies to compromise private information.

ChatGPT is publicly under fire for its privacy issues, so it's a considerable oversight that Samsung let this happen. Some countries have even banned ChatGPT to protect their citizens until it improves its privacy, so you would think companies would be more careful about how their staff use it.

Luckily, it seems that Samsung’s customers are safe—for now, at least. The breached data pertains only to internal business practices, some proprietary code they were troubleshooting, and the minutes from a team meeting, all submitted by employees. However, it would have been just as easy for the staff to leak consumers’ personal information, and it’s only a matter of time before we see another company do exactly that. If this happens, we could expect to see a massive increase in phishing scams and identity theft.

There's another layer of risk here, too. If employees use ChatGPT to look for bugs like they did with the Samsung leak, the code they type into the chat box will also be stored on OpenAI's servers. This could lead to breaches that have a massive impact on companies troubleshooting unreleased products and programs. We may even end up seeing information like unreleased business plans, future releases, and prototypes leaked, resulting in huge revenue losses.

How Do ChatGPT Data Leaks Happen?

ChatGPT logo on dark green background

ChatGPT’s privacy policy makes it clear that it records your conversations and shares the logs with other companies and its AI trainers. When someone (for example, a Samsung employee) types confidential information into the dialog box, it’s recorded and saved on ChatGPT’s servers.

It is highly unlikely that the employees have done this on purpose, but that’s the scary part. Most data breaches are caused by human error. Often, this is because the company has failed to educate its staff about the privacy risks of using tools like AI.

For example, if they paste a large contact list into the chat and ask the AI to isolate customers’ phone numbers from the data, ChatGPT then has those names and phone numbers in its records. Your private information is at the mercy of companies you did not share it with, which may not protect it well enough to keep you safe. There are a few things you can do to keep yourself safe after a data breach, but businesses should be responsible for preventing leaks.

Moral of the Story: Don't Tell ChatGPT Your Secrets

You can safely use ChatGPT for hundreds of different tasks, but organizing confidential information isn’t one of them. You must be careful to avoid typing anything personal into the chat box, including your name, address, email, and phone number. It's easy to make this mistake, so you should be careful to check your prompts to ensure nothing has accidentally made it in.

The Samsung leak shows us just how real the risk of a ChatGPT-related data leak is. Unfortunately, we will see more of these types of mistakes, perhaps with far bigger impacts, as AI becomes a core part of most businesses’ processes.