OpenAI Data Breach? No User Info Stolen in Library Attack

OpenAI data breach concerns emerged after the TanStack npm supply-chain attack, but no user data was accessed. The Silicon Review reports on two impacted employee devices and required macOS updates.

OpenAI data breach fears have been addressed after the ChatGPT maker confirmed that no user data was compromised following a supply-chain attack on the widely used TanStack open-source library, part of a broader campaign known as "Mini Shai-Hulud". The company stated that after an immediate internal investigation, it found "no evidence that OpenAI user data was accessed, that our production systems or intellectual property were compromised, or that our software was altered."

Two employee devices in OpenAI's corporate environment were impacted by the malicious activity. Investigators confirmed that only limited credential material was exfiltrated from source code repositories the two employees had access to, with no other information or code affected. The AI firm acted to contain the threat, isolating impacted systems, revoking user sessions, rotating credentials across affected repositories, and temporarily restricting code-deployment workflows.

This AI cybersecurity incident highlights a growing trend: attackers are increasingly targeting shared software dependencies rather than single organizations. OpenAI was in the process of deploying enhanced security controls, including package manager configurations with minimumReleaseAge requirements, which make the package manager refuse to install a version until it has been public for a set minimum period, so a freshly poisoned release is not pulled in before it is likely to have been noticed and withdrawn. The two impacted devices had not yet received these updated configurations at the time of the attack.
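The gate described above, implemented as an added example rather than code from the article, OpenAI or TanStack: in pnpm the same policy is a one-line setting (`minimumReleaseAge: 1440` in `pnpm-workspace.yaml`, in minutes), and this script models what that setting enforces so the effect can be checked against a lockfile. The registry metadata, package names, versions and the 24-hour policy value are all constructed placeholders in the shape of an npm registry document's `time` map.

```python
"""Cooling-off gate for npm package versions (a "minimum release age" check).

Added example, not code from the article, OpenAI or TanStack. A version is
only installable once it has been public for at least MIN_AGE_MINUTES; the
registry data below is constructed to mirror the npm registry's "time" map
and uses placeholder package and version names.
"""
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional, Tuple

MIN_AGE_MINUTES = 1440  # 24-hour cooling-off period; assumed policy value

# Constructed sample: version -> publish timestamp, as the npm registry reports
# it under "time" (the "created"/"modified" entries are not versions).
SAMPLE_REGISTRY = {
    "example-lib": {
        "created": "2024-01-01T00:00:00.000Z",
        "modified": "2026-05-01T12:05:00.000Z",
        "1.0.0": "2024-01-01T00:00:00.000Z",
        "1.0.1": "2026-04-20T09:30:00.000Z",
        "1.0.2": "2026-05-01T12:05:00.000Z",  # published 15 minutes before NOW
    }
}
NOW = datetime(2026, 5, 1, 12, 20, tzinfo=timezone.utc)  # fixed "now" for the sample
NON_VERSION_KEYS = {"created", "modified"}


def parse_npm_time(stamp: str) -> datetime:
    """Parse the registry's ISO-8601 UTC timestamp into an aware datetime."""
    return datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%S.%fZ").replace(tzinfo=timezone.utc)


def version_age_minutes(times: Dict[str, str], version: str, now: datetime = NOW) -> float:
    """Minutes since `version` was published; KeyError if the version is unknown."""
    if version in NON_VERSION_KEYS or version not in times:
        raise KeyError(f"unknown version {version!r}")
    return (now - parse_npm_time(times[version])) / timedelta(minutes=1)


def is_installable(times: Dict[str, str], version: str, now: datetime = NOW,
                   min_age_minutes: int = MIN_AGE_MINUTES) -> bool:
    """True once the version has been public for at least the minimum age."""
    return version_age_minutes(times, version, now) >= min_age_minutes


def newest_installable(times: Dict[str, str], now: datetime = NOW,
                       min_age_minutes: int = MIN_AGE_MINUTES) -> Optional[str]:
    """Most recently published version that passes the gate, or None.
    "Newest" is by publish time, which avoids semver parsing in this example."""
    candidates = [
        (parse_npm_time(stamp), version)
        for version, stamp in times.items()
        if version not in NON_VERSION_KEYS and is_installable(times, version, now, min_age_minutes)
    ]
    return max(candidates)[1] if candidates else None


def audit_pins(pins: Dict[str, str], registry: Dict[str, Dict[str, str]],
               now: datetime = NOW, min_age_minutes: int = MIN_AGE_MINUTES) -> List[Tuple[str, str, str]]:
    """Check lockfile-style pins (package -> version) against the registry data
    and return (package, version, reason) for every pin that must be blocked."""
    violations: List[Tuple[str, str, str]] = []
    for pkg, version in pins.items():
        times = registry.get(pkg)
        if times is None:
            violations.append((pkg, version, "package not found in registry data"))
            continue
        try:
            age = version_age_minutes(times, version, now)
        except KeyError:
            violations.append((pkg, version, "version not found in registry data"))
            continue
        if age < min_age_minutes:
            violations.append((pkg, version,
                               f"published {age:.0f} min ago, below the {min_age_minutes} min minimum"))
    return violations


if __name__ == "__main__":
    pins = {"example-lib": "1.0.2", "missing-lib": "2.0.0"}
    for pkg, ver, why in audit_pins(pins, SAMPLE_REGISTRY):
        print(f"BLOCK {pkg}@{ver}: {why}")
    print("newest installable example-lib:", newest_installable(SAMPLE_REGISTRY["example-lib"]))
```

Run against the sample, `1.0.2` is refused because it is only 15 minutes old, and `1.0.1` is the newest version that clears the 24-hour gate. A real deployment fetches the `time` map from the registry for each pinned package; the point of the check is that a cooling-off period costs little for legitimate releases but removes the window in which a just-published malicious version is installed automatically.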

OpenAI engaged a third-party digital forensics and incident response firm as part of its investigation. While the incident did not affect customer data or passwords, it did impact code-signing certificates used for OpenAI's products. As a result, all macOS users must update their OpenAI applications by June 12, 2026, to ensure they are running versions signed with the company's new security certificates. Windows and iOS users do not need to take any action.

Users should only download OpenAI apps from in-app updates or the official website and be extremely cautious of unexpected installers sent through emails, messages, or third-party download sites.
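For an administrator who wants to confirm that an installed macOS build carries a genuine Developer ID signature rather than trust an installer that arrived by email, here is an added example (not code from the article or from OpenAI) that parses the report Apple's `codesign -dvv` command writes to stderr and checks the certificate chain. The Team ID, app path and both sample reports are constructed placeholders, not OpenAI's real values.

```python
"""Verify which Developer ID identity signed a macOS app bundle.

Added example, not code from the article or from OpenAI. It parses the
output of `codesign -dvv <app>` (written to stderr) and accepts the bundle
only if the leaf is a Developer ID Application certificate for the expected
Team ID and the chain ends at Apple Root CA. EXPECTED_TEAM_ID, APP_PATH and
the two sample reports are placeholders.
"""
import re
import subprocess
from typing import List, Optional, Tuple

EXPECTED_TEAM_ID = "TEAMID0000"          # placeholder; use the vendor's published Team ID
APP_PATH = "/Applications/Example.app"   # placeholder path

# Constructed sample of `codesign -dvv` output for a Developer ID signed build.
SAMPLE_GOOD = """\
Executable=/Applications/Example.app/Contents/MacOS/Example
Identifier=com.example.app
Format=app bundle with Mach-O universal (x86_64 arm64)
CodeDirectory v=20500 size=1234 flags=0x10000(runtime) hashes=30+7 location=embedded
Signature size=9000
Authority=Developer ID Application: Example Corp (TEAMID0000)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Timestamp=1 May 2026 at 12:00:00
Info.plist entries=30
TeamIdentifier=TEAMID0000
Runtime Version=14.0.0
Sealed Resources version=2 rules=13 files=100
Internal requirements count=1 size=200
"""

# Constructed sample of an ad-hoc signed bundle: no certificate chain at all.
SAMPLE_ADHOC = """\
Executable=/tmp/Example.app/Contents/MacOS/Example
Identifier=com.example.app
Format=app bundle with Mach-O thin (arm64)
CodeDirectory v=20400 size=500 flags=0x2(adhoc) hashes=10+2 location=embedded
Signature=adhoc
Info.plist entries=30
TeamIdentifier=not set
Sealed Resources version=2 rules=13 files=100
Internal requirements count=0 size=12
"""

# Apple puts the 10-character Team ID in parentheses at the end of the leaf subject.
TEAM_IN_SUBJECT = re.compile(r"\(([A-Z0-9]{10})\)$")


def parse_codesign(output: str) -> Tuple[List[str], Optional[str]]:
    """Return (authority chain, leaf first; TeamIdentifier value or None)."""
    authorities: List[str] = []
    team: Optional[str] = None
    for line in output.splitlines():
        key, sep, value = line.partition("=")
        if not sep:
            continue
        if key == "Authority":
            authorities.append(value.strip())
        elif key == "TeamIdentifier":
            team = value.strip()
    return authorities, team


def check_signature(output: str, expected_team: str = EXPECTED_TEAM_ID) -> Tuple[bool, str]:
    """Return (ok, reason). ok is True only for a Developer ID Application leaf
    belonging to expected_team whose chain terminates at Apple Root CA."""
    chain, team_id = parse_codesign(output)
    if not chain:
        return False, "no certificate chain: unsigned or ad-hoc signed"
    leaf = chain[0]
    if not leaf.startswith("Developer ID Application:"):
        return False, f"leaf is not a Developer ID Application certificate: {leaf}"
    m = TEAM_IN_SUBJECT.search(leaf)
    if not m or m.group(1) != expected_team or team_id != expected_team:
        return False, f"team mismatch: leaf={leaf!r} TeamIdentifier={team_id!r}"
    if chain[-1] != "Apple Root CA":
        return False, f"chain does not end at Apple Root CA: {chain[-1]!r}"
    return True, leaf


def codesign_output(app_path: str) -> str:
    """Run Apple's codesign (macOS only); its -dvv report goes to stderr."""
    proc = subprocess.run(["codesign", "-dvv", app_path], capture_output=True, text=True)
    return proc.stderr


if __name__ == "__main__":
    for label, sample in (("good", SAMPLE_GOOD), ("adhoc", SAMPLE_ADHOC)):
        print(label, check_signature(sample))
    try:
        print("live", check_signature(codesign_output(APP_PATH)))
    except FileNotFoundError:
        print("codesign is not available on this host")
```

Two points worth knowing when using this after a certificate rotation like the one described above: a Team ID belongs to the developer account and stays the same when a certificate is replaced, so this check tells you the build is the vendor's, not which of the vendor's certificates signed it. To confirm the specific new certificate, extract the leaf with `codesign -d --extract-certificates <app>` and compare its SHA-256 fingerprint (`openssl x509 -inform DER -noout -fingerprint -sha256 -in codesign0`) with the value the vendor publishes; `spctl --assess --type execute -v <app>` additionally confirms that Gatekeeper still accepts it.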

As OpenAI confirms no user data was breached in the TanStack supply-chain attack, The Silicon Review examines the growing threat landscape targeting open-source libraries and why macOS users must update by June 12 to stay protected.

Q: Was there an OpenAI data breach involving user information?

A: No. OpenAI investigated the TanStack npm supply-chain attack and found no evidence that user data was accessed, production systems were compromised, or software was altered. Two employee devices in the corporate environment were impacted.

Q: What is the TanStack supply-chain attack affecting OpenAI?

A: The attack is part of a broader campaign called "Mini Shai-Hulud" targeting the widely used TanStack open-source library. Two OpenAI employee devices downloaded a malicious version of the library, leading to limited credential exfiltration from source code repositories.

Q: Do I need to change my OpenAI password or API keys after this attack?

A: No. OpenAI confirmed that customer passwords and API keys were not affected by this security incident. No action is required for user credentials.

Q: Why do macOS users need to update their OpenAI apps by June 12, 2026?

A: OpenAI is rotating its code-signing certificates as a precaution because they were present in impacted repositories. After June 12, older versions signed with the previous certificate will be blocked by macOS security protections and may not function.

Q: Was any malware signed with OpenAI's certificates?

A: No. OpenAI has found no evidence that malicious software has been signed with any of its certificates. The company has also blocked any further notarization using the impacted certificate.

Q: How many employee devices were impacted in the OpenAI security incident?

A: Two employee devices in OpenAI’s corporate environment were impacted by the attack. The company immediately isolated these systems, revoked user sessions, and rotated all credentials across impacted repositories.
