A man and a woman in front of the computer to discover bugs in OpenAI products

Bug Hunt: How to Hack Hackers with OpenAI’s Bug Bounty Program

4 May 2023


In Italy, ChatGPT has been blocked by the Privacy Authority and and returned in early May. However, the chatbot is continuing to operate in other parts of the world, growing and improving. OpenAI has announced that it has found a way to incentivize users to find any bugs in the platform.

OpenAI Launches Bug Bounty to Uncover ChatGPT Issues

Open AI, the company behind the development of ChatGpt, has launched a Bug Bounty program. This initiative allows developers and code enthusiasts to search for defects and security issues in Open AI products, including ChatGpt.

Reports can be submitted through the Big Crowd platform and involve payment based on the severity and impact of the reported problems, with rewards ranging from $200 for low-level security defects to a maximum of $20,000 for exceptional discoveries.

"The OpenAI Bug Bounty program is a way for us to recognize and reward valuable insights from security researchers who contribute to protecting our technology and our company," OpenAI stated. "We invite you to report vulnerabilities, bugs, or security flaws you discover in our systems. By sharing your findings, you will play a crucial role in making technology safer for everyone”.

Security Issues and the Situation with the Privacy Authority in Italy

ChatGpt is subject to potential security concerns, such as hacking techniques used by hackers to circumvent Open AI security measures, including the creation of inappropriate content, academic research, and malicious code for hacking purposes. Last month, Open AI reported a data breach in ChatGpt Plus due to a bug in the open-source Redis library used by the platform. To resolve the issue, ChatGpt was inaccessible for several hours.

These situations only reinforce the Privacy Authority's decision in Italy to block the use of the chatbot in the country. However, not all is lost. In fact, the Privacy Authority has given OpenAI until May 15 to promote an information campaign on radio, television, newspapers, and the web to communicate to users how the use of their personal data works.

To return to normalcy - ANSA reports - "OpenAI will have to prepare and make available on its website a transparent information statement, which illustrates the methods and logic underlying the processing of data necessary for the functioning of ChatGPT, as well as the rights attributed to users, who must be asked to declare that they are of legal age."

What ChatGPT thinks of the incident

We tried to include this information within the chatbot itself. Below is what it told us.

"The Bug Bounty Program is a common practice among companies that want to improve the security of their products and can be an effective way to identify and resolve any security issues in a timely manner.

However, it is important to note that the Bug Bounty Program alone does not guarantee complete product security. The company must also follow other good security practices, such as code review, regular testing, and implementation of multi-layered security measures.

Regarding the data breach of ChatGpt Plus user payment information, it is a concerning event, and Open AI's response seems to have been appropriate. We hope that the company has learned from this incident and has implemented additional measures to protect its users' data."

Recent Post
Forbes under 30 list on blockchain - themetaeconmist

Forbes Under 30 list lands on blockchain

agri-food sector blockchain

Agribusiness revolution with the blockchain innovation

Zipmex interrupts trading activity in Thailand

Altman is back, former OpenAI CEO is in charge again. Revolution in the Board

OpenAI and Microsoft logo

Great Migration: after Brockman, Altman too leaves OpenAI for Microsoft

ai tokens - themetaeconomist

Top performance in the weekend for AI tokens

1 2 3 56
TheMetaEconomist 2022 - Privacy / Cookies