Security

OpenAI Cuts Ties with Mixpanel Following API User Data Breach

, Avatar
OpenAI-Logo am Bildschirm. © ishmael n. daro (CC BY 2.0)
OpenAI-Logo am Bildschirm. © ishmael n. daro (CC BY 2.0)
Startup Interviewer: Gib uns dein erstes AI Interview Startup Interviewer: Gib uns dein erstes AI Interview

OpenAI is informing users of its API platform about a security incident at analytics provider Mixpanel. According to OpenAI, the data breach affects exclusively users of the developer platform – ChatGPT users are not impacted.

The company emphasizes in a statement: “This was not a breach of OpenAI systems. No chats, API requests, API usage data, passwords, credentials, API keys, payment details, or identity documents were compromised or exposed.”

On November 9, 2025, Mixpanel detected unauthorized access to parts of its systems. Attackers exported a dataset containing limited customer information and analytics data. Mixpanel notified OpenAI about the ongoing investigation and shared the affected dataset on November 25, 2025.

Limited User Data Exposed

The exposed information is limited to frontend analytics of the API platform, according to the statement: names on API accounts, email addresses, coarse location data based on browser information (city, state, country), operating systems and browsers used, referrer websites, as well as organization and user IDs. API requests, prompts, outputs, or payment information were not part of the data breach. Affected organizations, admins, and users were subsequently contacted directly via email.

OpenAI Ends Partnership with Mixpanel

OpenAI is drawing clear consequences: the company has terminated its collaboration with Mixpanel and removed the integration from all production services. “Trust, security, and privacy are fundamental to our products, our organization, and our mission,” OpenAI states.

Beyond Mixpanel, the company is conducting expanded security reviews across its entire vendor ecosystem and intends to raise security requirements for all partners, but does not provide specific details. Although no account credentials were compromised, OpenAI recommends heightened vigilance. The company has found no evidence of impact outside the Mixpanel environment but is investigating further signs of misuse.

Mixpanel itself reports in a blog post discovering a smishing attack (SMS phishing). Employees received text messages aimed at harvesting credentials. In response, unauthorized access was stopped and affected accounts secured. External cybersecurity partners supported Mixpanel’s analysis of the incident, according to the company. All affected customers have been informed; without a corresponding notification, they are not involved. Customers include OpenAI as well as Joyn, LG, Pinterest, Workday, and Yelp.

Advertisement
Advertisement

Aus Datenschutz-Gründen ist dieser Inhalt ausgeblendet. Die Einbettung von externen Inhalten kann in den Datenschutz-Einstellungen aktiviert werden:

Specials from our Partners

Top Posts from our Network

Powered by This price ticker contains affiliate links to Bitpanda.

Deep Dives

© Wiener Börse

IPO Spotlight

powered by Wiener Börse

Europe's Top Unicorn Investments 2023

The full list of companies that reached a valuation of € 1B+ this year
© Behnam Norouzi on Unsplash

Crypto Investment Tracker 2022

The biggest deals in the industry, ranked by Trending Topics
ThisisEngineering RAEng on Unsplash

Technology explained

Powered by PwC
© addendum

Inside the Blockchain

Die revolutionäre Technologie von Experten erklärt

Trending Topics Tech Talk

Der Podcast mit smarten Köpfen für smarte Köpfe
© Shannon Rowies on Unsplash

We ❤️ Founders

Die spannendsten Persönlichkeiten der Startup-Szene
Tokio bei Nacht und Regen. © Unsplash

🤖Big in Japan🤖

Startups - Robots - Entrepreneurs - Tech - Trends

Continue Reading