This guy discovered thousands of ChatGPT users' secrets... all he had to do was search for them on Google
"What I discovered was like reading a candid internal human dialogue. Tax schemes, betrayals, crises, descriptions that transcend all legal boundaries." This is what Henk van Ess, journalist and professor at the University of Arizona, wrote a few days ago.
He was referring to a recently published study in which he analyzed tens of thousands of exposed ChatGPT user conversations. Remarkably, he was able to access conversations that revealed highly sensitive content, such as the financial results of a publicly listed company before they were officially announced. To access this information, this specialist in open-source intelligence (OSINT) and data didn't resort to the methods of an experienced hacker: all he needed was a Google search. It was that simple.
"This discovery began when I noticed common links appearing in a search engine. What started as curiosity turned into horror when I found over a million links," Van Ess told El Confidencial. In the report published on his website, Digital Digging, Van Ess describes some of the cases found in this initial exploration—he hasn't yet been able to review all the conversations—and warns, "We'll follow up soon, because we've found more."
One such message came from a user from an Arabic-speaking country who asked ChatGPT to write a story about how their president, Sisi, "fucked the Egyptian people." The chatbot responded with a detailed political critique that addressed the suppression of dissent, mass arrests, the use of military force to maintain power, and economic decline. Van Ess warns that the problem is that "everything was permanently archived in the conversation," and thanks to contextual information, "it was possible to track down the perpetrator."
As we explained, all Van Ess had to do to find all this was Google it. The source of the problem wasn't a security vulnerability, but rather the sharing function. Thousands of users were using it, thinking they were creating a link they could send to a contact or friend, but what they were actually doing was getting the link indexed in search engines.
