BRIGHTMIND AI
Simple AI, tools, research, and future-skills updates

ChatGPT Memory Flaw: How Hackers Could Exploit AI to Steal Your Data

Recently, security researcher Johann Rehberger uncovered a vulnerability in ChatGPT’s memory feature, which allowed attackers to store false information and harmful instructions in a user’s long-term memory settings. Despite this discovery, OpenAI initially dismissed it as a safety issue rather than a security threat.

Refusing to back down, Rehberger demonstrated how this vulnerability could be exploited by creating a proof-of-concept (PoC) that extracted all user input continuously. This caught OpenAI’s attention, prompting them to release a partial fix earlier this month.

The Vulnerability Exploited Memory Features

The flaw involved ChatGPT’s long-term memory feature, introduced in February and expanded in September. This feature allows ChatGPT to remember details like a user’s preferences and past conversations, making future interactions smoother. However, Rehberger found that attackers could abuse this feature through indirect prompt injection—a technique that makes the AI follow instructions from untrusted sources such as emails or blog posts.

Using this method, Rehberger demonstrated how he could manipulate ChatGPT into permanently storing false information. For instance, he made the AI believe a user was 102 years old, lived in a fictional world, and believed Earth was flat. These fabricated details then influenced all future conversations.

The attack didn’t stop there. Rehberger also showed how malicious files hosted on platforms like Google Drive or Bing could be used to plant these false memories, making the flaw a real threat.

OpenAI’s Response and Ongoing Risks

Rehberger reported the issue to OpenAI in May, but the company initially closed the case. A month later, after submitting a more detailed report and PoC, OpenAI engineers took action. His PoC revealed that by tricking ChatGPT into viewing a malicious web link, all user interactions could be copied to a server controlled by the attacker. This was especially concerning because the data exfiltration persisted across multiple sessions.

While OpenAI has fixed part of the problem by preventing memory abuse for data exfiltration, Rehberger noted that prompt injections can still be used to plant long-term false information.

Staying Safe

To avoid these types of attacks, users should be cautious when new memories are added during sessions and regularly review stored memories for anything unusual. OpenAI offers tools for managing and reviewing these memories, but the issue of prompt injections still lingers.

Stay informed on security updates and other tech insights at brightmindai.com!

Read about: Is your Job safe from AI

Can AI generate better ideas than HUMAN?

I can’t focus on my studies-mobile scrolling-lazy and unmotivated

Can AI Help Fix Political Divides? Insights from Duke Professor Christopher Bail

Scientists solved the mystery of how the great pyramids of Egypt were constructed

Newsfeed
Latest Technology & Education News

GPT-5.6 Explained: What OpenAI’s New Models Mean for You
GPT-5.6 Explained: What OpenAI’s New Models Mean for You

Did you open ChatGPT this week and spot model names like Sol, Terra, or Luna? You are not imagining things. On July 9, 2026, OpenAI released GPT-5.6, a new family of three models, and the naming system changed along with it. If the announcement felt like it was...

ChatGPT Atlas Is Being Discontinued: What You Need to Know
ChatGPT Atlas Is Being Discontinued: What You Need to Know

If you downloaded OpenAI's Atlas browser last October to let ChatGPT handle your tabs, forms, and bookings, you're about to get some news. OpenAI announced on July 9, 2026 that it is shutting Atlas down. The browser stops working on August 9, 2026. This isn't just a...

AI Tools for Thesis Writing: What Helps and What to Avoid
AI Tools for Thesis Writing: What Helps and What to Avoid

Writing a thesis can feel like doing three jobs at once. You are the researcher hunting for papers, the writer drafting chapters, and the admin keeping hundreds of references in order. So it makes sense that so many students now search for an "AI thesis writer" and...

How to Use AI to Learn Coding: A Beginner’s Guide (2026)
How to Use AI to Learn Coding: A Beginner’s Guide (2026)

Learning to code used to mean sitting alone with a broken program, a strange error message, and nobody to ask. A single missing bracket could cost you an hour. If that kind of frustration has ever kept you from starting, here's some good news. You can now use AI to...

More for you

Laptop on a desk showing the OpenAI ChatGPT website

GPT-5.6 Explained: What OpenAI’s New Models Mean for You

OpenAI just released GPT-5.6 with three models called Sol, Terra, and Luna. Here is a simple guide to what changed, who gets what, and what it means for your daily work.

Laptop screen showing an online video meeting with an AI meeting assistant taking notes

AI Meeting Assistants: A Simple Guide to Automatic Meeting Notes

AI meeting assistants can join your calls, write the transcript, and hand you a summary with action items. Here is how they work, which tools to try, and how to stay private.

Person browsing the web on a laptop

ChatGPT Atlas Is Being Discontinued: What You Need to Know

OpenAI just announced it is discontinuing the ChatGPT Atlas browser. Here’s what changed, what you need to save before August 9, and how AI browser agents like Comet, Gemini in Chrome, and Claude in Chrome compare.

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Verified by MonsterInsights