OmniGPT data breach exposes private AI chats

Hundreds of thousands of users of AI aggregator OmniGPT have had their private conversations and uploaded files exposed after a large-scale data breach that security researchers say left sensitive information openly accessible and later circulated on dark web forums. The incident has intensified scrutiny of third-party platforms that bundle access to multiple AI models while handling large volumes of personal data.

Investigations by independent cybersecurity analysts indicate that roughly 300,000 users were affected, with about 300 million chat messages, prompts, and attachments taken from a misconfigured backend system. The exposed material included private AI conversations, code snippets, business documents, and personal details submitted during account creation, according to people familiar with the findings. Screenshots and sample datasets shared among threat actors suggest the data was indexed and downloadable without authentication for a prolonged period.

Private AI chats laid bare as the breach revealed how extensively users rely on aggregators to process confidential information, from workplace drafts to personal queries. Researchers say the dataset shows timestamps, user identifiers, and conversation histories that could be cross-referenced to reconstruct individual activity patterns. While payment card numbers were not identified in the circulating samples, the presence of email addresses and uploaded files raises the risk of phishing, identity misuse, and corporate espionage.

OmniGPT positions itself as a single interface for interacting with multiple large language models from different providers, a model that has grown popular among developers, freelancers, and small businesses seeking flexibility and cost control. That convenience, experts argue, also concentrates risk. By sitting between users and underlying AI providers, aggregators must secure not only their own infrastructure but also the flow of data across application programming interfaces, storage layers, and logging systems.

Cybersecurity specialists who examined the breach say initial access appears to have stemmed from improperly secured cloud storage tied to conversation logs and file uploads. The configuration allowed unauthorised browsing and bulk extraction, after which copies of the data were advertised on underground forums. Such missteps are common in fast-growing startups, analysts note, but the scale of exposed AI conversations makes the incident unusually severe.

The company acknowledged unauthorised access and said it had taken affected systems offline while initiating a security review. Steps outlined by OmniGPT include rotating credentials, tightening access controls, and commissioning an external audit. Users have been advised to change passwords and treat past conversations as potentially compromised. The platform has also begun notifying regulators in jurisdictions with mandatory breach-disclosure rules, according to people briefed on the response.

The episode has prompted renewed debate over data retention practices in the AI sector. Many platforms store full conversation histories to improve performance, troubleshoot errors, or offer continuity across sessions. Privacy advocates argue that retaining such data without strict minimisation policies magnifies harm when breaches occur. Some enterprise AI providers now offer zero-retention modes, but aggregators often lack comparable safeguards.

Legal exposure for OmniGPT could hinge on where affected users are based and how personal data was processed. Data protection authorities in Europe and other regions have previously penalised companies for failing to implement adequate technical and organisational measures. Potential liabilities include fines, mandatory remediation, and civil claims if negligence is established. Industry lawyers say the presence of uploaded files, which may contain third-party data, complicates the compliance picture further.

Beyond regulatory risk, the breach underscores a trust problem for AI intermediaries. Businesses increasingly use AI tools for drafting contracts, analysing financial data, and handling customer communications. A single lapse at an aggregation layer can undermine confidence not only in one platform but in the broader ecosystem that depends on shared infrastructure.