Skip to content
Longterm Wiki
Back

OpenAI Mixpanel Data Incident Report

web
OpenAI·openai.com/index/mixpanel-incident/

Credibility Rating

4/5
High(4)

High quality. Established institution or organization with editorial oversight and accountability.

Rating inherited from publication venue: OpenAI

This incident report is tangentially relevant to AI safety in the context of responsible deployment and organizational transparency practices at OpenAI, but focuses on a data/security incident rather than core AI safety research.

Metadata

Importance: 20/100blog postnews

Summary

This OpenAI blog post describes a security or data incident involving Mixpanel, a third-party analytics service used by OpenAI. It likely details what data was affected, how the incident occurred, and what steps OpenAI took in response to protect user information.

Key Points

  • Describes a data incident involving Mixpanel, a third-party analytics provider used by OpenAI
  • Outlines the scope of data potentially exposed or mishandled during the incident
  • Details OpenAI's response and remediation steps following the incident
  • Relevant to understanding OpenAI's data handling and security practices
  • Demonstrates transparency practices around security incidents at a major AI lab

Cited by 1 page

PageTypeQuality
Compute ConcentrationRisk70.0

Cached Content Preview

HTTP 200Fetched Mar 20, 20269 KB
What to know about a recent Mixpanel security incident \| OpenAI

November 26, 2025

[Company](https://openai.com/news/company-announcements/) [Security](https://openai.com/news/security/)

# What to know about a recent Mixpanel security incident

Share

**_December 19, 2025 clarification:_** _We are updating the blog to clarify the description of impacted users. The original blog stated that “API users” were impacted. It has been updated to add: “It also affected a limited number of ChatGPT users who submitted help center tickets or were logged into_ [_platform.openai.com_ ⁠(opens in a new window)](http://platform.openai.com/) _.” All impacted users were identified and notified at the same time as part of the original outreach to users. Aside from this clarification, nothing else about our understanding of the incident, including the type of information involved, has changed._

Transparency is important to us, so we want to inform you about a recent security incident at Mixpanel, a data analytics provider OpenAI used for web analytics on the frontend interface for our API product ( [platform.openai.com⁠(opens in a new window)](https://platform.openai.com/)).

The incident occurred within Mixpanel’s systems and involved limited analytics data related to some users of the API. It also affected a limited number of ChatGPT users who submitted help center tickets or were logged into platform.openai.com.

This was not a breach of OpenAI’s systems. No chat, API requests, API usage data, passwords, credentials, API keys, payment details, or government IDs were compromised or exposed.

**What happened**

On November 9, 2025, Mixpanel became aware of an attacker that gained unauthorized access to part of their systems and exported a dataset containing limited customer identifiable information and analytics information. Mixpanel notified OpenAI that they were investigating, and on November 25, 2025, they shared the affected dataset with us.

**What this means for impacted users**

User profile information associated with the use of [platform.openai.com⁠(opens in a new window)](https://platform.openai.com/) may have been included in data exported from Mixpanel. The information that may have been affected was limited to:

- Name that was provided to us on the account
- Email address associated with the account
- Approximate coarse location based on user browser (city, state, country)
- Operating system and browser used to access the account
- Referring websites
- Organization or User IDs associated with the account

**Our response**

As part of our security investigation, we removed Mixpanel from our production services, reviewed the affected datasets, and are working closely with Mixpanel and other partners to fully understand the incident and its scope. We are in the process of notifying impacted organizations, admins, and users directly. While we have found no evidence of any effect on systems or data outside Mixpanel’s environment, we continue to monitor

... (truncated, 9 KB total)
Resource ID: 7b09f4ed03e4c0ce | Stable ID: Zjc4YTA0NT