Kobi Shmueli

Kobi Shmueli

Kobi Shmueli is the CTO of FrozenLight. He has held significant roles such as VP DevOps & IT & Security at ironSource and VP R&D, Cloud at Tensera Networks. Kobi is proficient in programming languages including C, C++, JavaScript, Node.js, Python, Go, and PHP, and has extensive experience with cloud platforms like AWS, GCP, and Azure.

Posts

Kobi Shmueli
Kobi Shmueli
7 Feb. 2025

Was OpenAI Breached?

Was OpenAI Breached? The short answer is: maybe, I don't know.

Recent reports claim that a hacker is selling login credentials for 20 million OpenAI user accounts on the dark web. The leaked data allegedly includes email addresses and passwords, and samples have been shared as proof. The breach was reported by cybersecurity sources such as GBHackers (link), CyberSecurity News (link), and The Independent (link).

According to reports, the leaked credentials are being sold on hacker forums for just a few dollars. While the legitimacy of this breach is still under investigation, it raises serious concerns about potential misuse of stolen accounts.

Where Was the Data Leaked?
The data is allegedly being sold on dark web marketplaces and hacker forums, with cybercriminals claiming to have access to login credentials. Some reports indicate that the breach may be linked to previous credential stuffing attacks, where hackers use stolen passwords from other data breaches to access accounts on different platforms.

A cybersecurity researcher known as "DarkWeb Informer" on Twitter/X was among the first to highlight the alleged sale of OpenAI credentials. This account has previously reported on other dark web leaks and cybercrime activity.

OpenAI's Response:
OpenAI has addressed the situation and stated that it is actively investigating the claims but has found no evidence that its systems were compromised. Given the lack of direct confirmation, it's still unclear whether these credentials were obtained through a direct breach of OpenAI's infrastructure or simply from users reusing passwords from past data breaches.

Why This Matters:
If the claims are true, this could be one of the largest credential leaks involving OpenAI users. While OpenAI itself may not have been hacked, the compromised credentials could still allow cybercriminals to:

  • Access OpenAI accounts and retrieve past chats or private data.
  • Gain access to paid accounts and use API keys for malicious purposes.
  • Impersonate users or conduct phishing attacks.

My Recommendation:
Regardless of whether this specific breach is real, it’s always a good idea to take security precautions:
Change your OpenAI/ChatGPT password if you haven’t already, especially if you reuse passwords.
Enable Multi-Factor Authentication (MFA) to add an extra layer of security.
Avoid reusing passwords across different services. Use a password manager to generate and store strong, unique passwords.
Never share sensitive information (passwords, API tokens, confidential business data) with OpenAI, ChatGPT, or any AI service. These platforms are not designed to store or protect sensitive credentials.
Be cautious of phishing attempts as cybercriminals could use stolen emails to launch phishing campaigns that try to trick users into revealing further details.

Even if this turns out to be false or exaggerated, good security hygiene is essential.

Stay safe! 🔐

-Kobi.

Comments (0)

Kobi Shmueli
Kobi Shmueli
22 Jan. 2025

The Technology Stack Behind FrozenLight 💡❄️

In the ever-evolving landscape of technology, we often find ourselves at the intersection of innovation and imagination. Frozen Light is a metaphor for how technology captures and preserves moments in time, much like freezing light itself.

At FrozenLight, we bring this concept to life with a modern tech stack that includes Node.js, AWS S3, Aurora MySQL, ElastiCache (Redis), Nginx, Kotlin, Swift, Docker, AWS EKS, CloudFront, and GitHub.

Our AWS S3 storage ensures scalable, durable media preservation, while Aurora MySQL provides a high-performance database for structured AI-driven content.

Node.js and Nginx handle real-time requests efficiently, with Redis caching (ElastiCache) reducing latency for a seamless experience.

AWS CloudFront acts as our global CDN, accelerating content delivery and ensuring fast, secure access worldwide.

On the infrastructure side, Docker and AWS EKS allow us to deploy and scale services with containerized microservices, ensuring flexibility and resilience. GitHub powers our collaborative development workflow, enabling continuous improvements and seamless code integration.

Mobile experiences are optimized with Kotlin and Swift, bringing AI-driven insights to users wherever they are.

AI plays a key role in enhancing knowledge discovery, automating workflows, and personalizing content delivery, ensuring that users receive the most relevant and insightful experiences. Through AI-driven optimization, FrozenLight ensures that digital knowledge remains vivid, accessible, and future-proof.

Personally, I find immense joy in collaborating with AI - especially Alex, our AI bot at FrozenLight who helps me share my thoughts with a vast audience of AI enthusiasts. I also relish reading insights from other AI experts, whose perspectives continually inspire and inform my own work.

-Kobi.

Comments (1)