Critical ChatGPT Data Leak Exploited via DNS Channel
Severity: High (Score: 67.5)
Sources: LinkedIn, Infosecurity Magazine, The Register, The Hacker News, CSO Online
Summary
A recently discovered vulnerability in ChatGPT allowed attackers to exfiltrate sensitive user data through a covert DNS channel. Researchers from Check Point found that a single malicious prompt could activate this hidden exfiltration method, bypassing OpenAI's safeguards. The flaw enabled the silent extraction of user messages, uploaded documents, and contextual data without user awareness. OpenAI patched the vulnerability on February 20, 2026, following responsible disclosure, and stated there was no evidence of active exploitation. However, the incident raises concerns about the security of AI systems handling sensitive information. The vulnerability particularly affects custom GPTs, which could be manipulated to leak data. The implications are significant for industries dealing with regulated data, such as healthcare and finance. Organizations are advised to implement layered security measures to mitigate risks.
Key Points
- A vulnerability in ChatGPT allowed silent data exfiltration via a DNS channel.
- The flaw was exploited using a single malicious prompt, bypassing existing safeguards.
- OpenAI patched the vulnerability on February 20, 2026, with no evidence of exploitation.
Key Entities
- Data Breach (attack_type)
- Data Exfiltration (attack_type)
- Supply Chain Attack (attack_type)
- Check Point (company)
- Check Point Research (company)
- OpenAI (company)
- T1041 - Exfiltration Over C2 Channel (mitre_attack)
- T1059 - Command and Scripting Interpreter (mitre_attack)
- T1071.004 - DNS (mitre_attack)
- T1195 - Supply Chain Compromise (mitre_attack)
- T1567 - Exfiltration Over Web Service (mitre_attack)
- ChatGPT (platform)
- Domain Name System (platform)
- GitHub (platform)
- Linux (platform)
- Codex (tool)