Key takeaways
OpenAI has confirmed a security incident involving analytics provider Mixpanel that exposed limited user data from its API platform, marking another cybersecurity challenge for the artificial intelligence company.
The breach occurred entirely within Mixpanel's systems when an attacker gained unauthorized access and exported a dataset containing identifiable information of some OpenAI API users.
According to OpenAI's official disclosure, Mixpanel first detected the intrusion on November 9, 2025, and notified OpenAI of the investigation before sharing the affected dataset on November 25.
What data was exposed
The compromised information was limited to analytics data collected through Mixpanel's web analytics service on OpenAI's API platform frontend.
Exposed details potentially included user names provided on API accounts, email addresses, approximate location information based on browser data, operating system and browser specifications, referring websites, and organization or user IDs associated with API accounts.
OpenAI emphasized that no sensitive data was compromised.
Chat logs, API requests, API usage data, passwords, authentication credentials, API keys, payment information, or government identification documents remained secure.
The incident did not affect ChatGPT users or other OpenAI consumer products, only developers and businesses using the company's API platform.
Company response and security measures
In response to the breach, OpenAI immediately terminated its use of Mixpanel across all production services.
An OpenAI spokesperson stated the company's position clearly: "Trust, security, and privacy are foundational to our products, our organization, and our mission. We are committed to transparency and are notifying all impacted customers and users. We also hold our partners and vendors accountable for the highest bar for security and privacy of their services. After reviewing this incident, OpenAI has terminated its use of Mixpanel."
The company is now conducting expanded security audits across its entire vendor ecosystem and elevating security requirements for all third-party partners.
OpenAI stated it found no evidence that the incident extended beyond Mixpanel's environment, but continues monitoring closely for potential misuse of the compromised data.
Security recommendations for affected users
OpenAI is directly notifying all impacted organizations, administrators, and individual users via email.
The company warned that the exposed information could potentially be leveraged in phishing or social engineering attacks, as threat actors now possess names, email addresses, and organizational identifiers that could make fraudulent communications appear more credible.
Users are advised to remain vigilant against suspicious communications, particularly unexpected emails or messages containing links or attachments.
OpenAI emphasized it never requests passwords, API keys, or verification codes through email, text, or chat.
While the breach did not compromise account credentials, OpenAI recommends all users enable multi-factor authentication as a best practice security control.
Broader context of AI platform security
This incident highlights growing concerns about third-party vendor security in the artificial intelligence industry.
Analytics and telemetry providers handle substantial volumes of user metadata that, while not containing sensitive operational data, can provide attackers with enough context to conduct targeted phishing campaigns or credential harvesting operations.
Mixpanel, widely used across the technology sector for user-behavior analytics, issued its own statement about the incident.
The company confirmed it detected a smishing campaign on November 8, 2025, and executed comprehensive incident response processes, including securing affected accounts, revoking active sessions, rotating compromised credentials, blocking malicious IP addresses, and engaging external cybersecurity partners.
OpenAI's decision to immediately sever its relationship with Mixpanel and strengthen vendor controls reflects broader industry trends toward tighter vendor risk management following analytics platform breaches.
The company stated it will continue working with Mixpanel to complete the investigation while performing expanded audits of all analytics, logging, and telemetry tools across its infrastructure.
Read more:
Alibaba Deeply Integrates Qwen AI Model Into Quark Browser Desktop Version
Law Enforcement Agencies Turn to AI for Non-Emergency Call Management
Perplexity Launches AI Shopping Assistant To Challenge Google And Amazon
