OpenAI discloses Mixpanel security incident impacting some API users
The company said a breach at analytics vendor Mixpanel exposed limited profile and analytics data for some OpenAI API users; ChatGPT and core OpenAI systems have not been affected.
OpenAI disclosed that a recent security incident at analytics vendor Mixpanel exposed limited profile and analytics data relating to some users of its API product.
The company stressed that this was not a breach of OpenAI’s own systems and that ChatGPT users were not affected.
In a security notice, OpenAI said Mixpanel, which it uses for web analytics on the frontend of platform.openai.com, experienced unauthorised access to part of its systems.
Mixpanel informed OpenAI that an attacker exported a dataset containing limited customer-identifiable and analytics information. According to OpenAI, the provider shared the affected dataset with it on 25 November 2025.
What was exposed?
OpenAI indicated the potentially affected fields include:
- Name provided on the API account
- Email address associated with the API account
- Approximate city, state, and country inferred from the user’s browser
- Operating system and browser used to access the account
- Referring websites
- Organisation or user IDs tied to the API account
Crucially, OpenAI said that no chats, prompts, API requests, API usage data, passwords, credentials, API keys, payment information, government IDs, session tokens, or other sensitive parameters were exposed.
OpenAI’s response
OpenAI removed Mixpanel from production services, reviewed the datasets provided by the vendor, and terminated its use of Mixpanel.
The company added that it is conducting expanded security reviews across its vendor ecosystem and elevating requirements for partners.
While OpenAI has not recommended password resets or API key rotation (because such credentials were not involved), it urged vigilance against phishing and social engineering attempts that could leverage names and email addresses.
The company advised users to verify that messages are from official OpenAI domains, to treat unexpected links and attachments with caution, and to enable multi‑factor authentication on accounts.
For founders and product teams, the episode underlined third‑party and vendor‑risk exposure in analytics implementations.
Even where core application data remains secure, profile and telemetry data can still be valuable to attackers for targeted phishing.