How to track the unauthorized access of ChatGPT account

API Feedback
1

I forgot to log out of ChatGPT on the company laptop, which I handed over to them on the evening of January 10th, a few days before my last day. I would appreciate it if you could help me track the device access history for my ChatGPT account.

I bought a new personal laptop on January 13th and changed my password the same day. However, I had very important prompts on January 11th and 12th, before logging out of all devices and changing my password.

I suspect my ex-company may have had unauthorized access to my ChatGPT account.

Can anyone help me how to track the unauthorised access to my account?

2

Hi @nghg63 :wave:
Welcome :people_hugging: to the community!

OpenAI doesn’t offer a built-in feature to view recent login activity,

You should contact support team on Help page.

To contact with OpenAI Help Center and start a chat using widget on bottom-right side of the page with OpenAI support, follow steps below:

1 - Go to ChatGPT and log in with the account you want to use.

2- Go to Help Center and select the Chat widget icon.

polepole-1
polepole-14400×2181 249 KB

3- Click on Messages

polepole-2
polepole-2329×631 24.5 KB

4- Click on Ask a question

polepole-3
polepole-3380×678 13 KB

and continue…

3

If this was used:

The image shows a security settings menu with options for enabling multi-factor authentication and logging out of all devices. (Captioned by AI)
The image shows a security settings menu with options for enabling multi-factor authentication and logging out of all devices. (Captioned by AI)659×284 6.43 KB

Then loading ChatGPT will produce a login requiring reauthentication.

There is similar in the API platform site, under profile->security

Your browser in your OS user profile can still have cached data if one understands how to get into it.

This is especially prevalent and problematic when using the API and the playground, as plaintext usage history with all model context is stored in local browser and not remotely.

The image shows a browser's developer tools interface, specifically the storage section, highlighting IndexedDB data with keys and values from a web application. (Captioned by AI)
The image shows a browser's developer tools interface, specifically the storage section, highlighting IndexedDB data with keys and values from a web application. (Captioned by AI)620×263 13.7 KB

The hindsight step would have been to create a new user account and delete the old one, or reset the OS, or do a SATA secure delete on the storage.

You can remind their admin to not do computer intrusion crimes with any left-behind credentials.