OpenAI sent a warning to API developers on November 28, 2025, regarding a security incident at analytics provider Mixpanel. As a result of an attack (via social engineering), attackers gained access to a limited dataset, including names, email addresses, and browser metadata of some OpenAI API users. The company emphasized that chat contents, passwords, API keys, and payment data were not compromised. OpenAI immediately disconnected Mixpanel from its systems but warned users of an increased risk of phishing attacks.
OpenAI Warns of Developer Metadata Leak Due to Mixpanel Breach
