Paid Account Hacked, someone else is now the Owner

I have a paid account with OpenAI and I activated billing on it in March as I use the API in one of my products. I was the only owner of this account and have been using it without issues.

Today, when I logged in to check my usage it tells me that I am not the owner of the account, and someone else is! When I go to the Members section it shows some random account “@outlook.com” as the owner! I don’t know who this is and now there is no way for me to remove it as he is the owner, and the only option I get is to Leave!!

Worst part is, I cannot even access the Billing page and remove my credit card from there even though it’s my personal credit card in my personal name. Only an owner can update billing information!

How can I get back my account? There is no support email id of OpenAI that I can reach out to. Please advise.

5 Likes

Nobody regularly monitoring the forum is in the accounts department of OpenAI. We are fellow users.

The contact method is to go to help.openai.com, and go to the lower-right floating icon, and send a message “my account was hacked! I need OpenAI to reset it” so you get a non-bot answer and a path to customer service.

1 Like

Thanks, I understand that most of the members here are users or developers. I already contacted help.openai.com - in fact, that was the 1st point of action I took, but there was a bot, and at the end all I got was “someone will reach out when they can”. So just signed up here to see if anyone had a similar issue and got it solved.

I suppose OpenAI might be having a support team for the paying users and developers.

So you have been demoted to a role of “reader”?

The “organization” system of OpenAI is quite preposterous. The invite system lets you send invites to others, make them owners, who can then use their API keys but then bill their key usage to your organization - that you are no longer in control of when they also go to the organization and change the original account’s role.

You can see if under billing you can “cancel paid account”, set hard limits, or any other owner roles. Or if they let you rename the organization to “xxx@outlook.com is a criminal and will pay if he doesn’t return ownership”

You can at least reset your password so they don’t continue to have access to your account.

It seems to me that your credit card company should be able to help you with this. They will be able to stop further payments to OpenAI and potentially recover your losses as they take credit card fraud very seriously.

There are several ways open to you to archive your chat history. Are you able to view any chats that the pirate has conducted?

3 Likes

My chat(dot)openai(dot)com is not compromised, there are no chats that the pirate has done in there. So maybe they are separate systems at the OpenAI backend. The problem is in platform(dot)openai(dot)com where I am just a Reader and someone else is the owner. Worst part - cannot go to the Billing page (as that is accessible only to Owners) so can’t even remove my own personal credit card!

Correct, demoted to a Reader now. And cannot access Billing to remove my credit card (which is in my personal name) as billing is only accessible to Owners. Worst part is that because of my payment and usage history OpenAI recently increased my approved limit by about 3 times! So it’s all open to the hacker now.

It’s frustrating that they would leave a gaping hole somewhere in the “organization” system that locks you out of your own account!

Investigated the outlook(dot)com id, and their recovery is set to qq(dot)com which is all I know about the pirate.

Welcome to the forum, animeshs

To the best of my knowledge it should not be possible for someone with just your API key to take control of the account. Have you performed any virus checks on your PC? Have you recently clicked on any attachments to an email, or run downloaded content from a website you do not normally visit?

On a technical note, did your application have the API key on the client side, or was it remotely stored in a key management system or on a relay server?

If the API key was in the application itself then this is not best practice. The documentation can be found here:

https://help.openai.com/en/articles/5112595-best-practices-for-api-key-safety

As a reader of the organization, which is what you are now when not the owner, you should be able to see this page, which will show you how much they are using the API and the costs that are recurring.
https://platform.openai.com/account/usage

Do keep an eye on that page, tell us the details you find. They are definitely not going to be using https://chat.openai.com but they will be using the API keys which you can monitor.

If you see that the usage is ramping up from that page, definitely contact your credit card company and get them to cancel any potential payments after explaining the situation. That will ensure you do not have to pay.

I’m curious what would happen if you were to leave the organization, hopefully it would pull your associated billing details with it.
But at this time I would advise against it, because I really don’t know what would happen, and it will be good to be able to monitor it in the meantime.

One thing that makes me think leaving the organization might pull the billing details is the fact that the bad actor has let you remain in the organization. Realistically he should’ve kicked you out as soon as he gained control, but since he did not, I assume that may mess with the billing details. However, that is all speculation.

Interesting to think from the hacker’s perspective! You are right, I could have been kicked out of the org, but the hacker let me remain there so certainly there is some reason behind it, unless it’s their ignorance, which I doubt.

The usage has not gone up, but I would keep a watch on it. Maybe it’s day 1.

Wondering, why wouldn’t OpenAI even bother to send a notification email when a new user is added to your account with a link to report suspicious activity? Basic security practice that many companies follow seems to be missing here.

Even their UX leaves a lot to be desired. I check my Usage page every few days but nowhere do they tell you that you are ‘Reader’ or Owner. Today, it’s just by chance that I clicked on Billing and discovered that someone else is the Owner.

My mistake, as a reader, you can only see your own API usage. I just checked to confirm. You won’t be able to see what they are up to. It’s safe to assume it is being used as soon as access was granted.

Sorry for your trouble. And keep in mind what the others have mentioned here, your browser or operating system has probably been infected because API keys alone can’t let you make these changes. Have you installed any strange browser addons or software lately?

OMG! Truly worried now. No browser addons at all, and my Mac isn’t compromised afaik. So waiting for the OpenAI support team to reply back.

The first thing to do is reset password … If you don’t still control that email address contact that email company… I think Microsoft active directory got hacked from what I was reading so if it’s a Microsoft account you are using change as many passwords as you can (How do I change my account password? | OpenAI Help Center)

I’m going through the same thing that happened about 10 hours ago. My issue also involves a hacker with an Outlook email who is now the owner of the organization while everyone else became readers, and my quota has tripled. I was never hacked in any other services so far, and I’m sure my Mac has no viruses; with passwords, all is fine too as we use Google auth, but tech support isn’t responding. It’s weird for a service I pay for.

I tried to turn on two-factor authentication (2FA), but OpenAI’s website proudly states it’s been turned off since June 12th (Does OpenAI offer Multi-factor authentication (MFA) / Two-Factor Authentication (2FA) ? | OpenAI Help Center).

In an attempt to mitigate the issue, I deleted all the keys, which will mess up my hard-gained app’s ratings. Then, usage oddly stopped. I don’t know why, but I think maybe hackers made their own keys and kept me in the organization for payment details. I’ve reported OpenAI to my bank and asked to block them.

Two of my workmates were also in the organization. They also use safe, clean Macs and have never ever been hacked anywhere else. They’ve left the organization now to be safe. Now, I’m waiting for OpenAI to respond. I hope they answer my questions, even if they don’t think they’re important.

I’m not sure how to make sure my account is safe if it can be hacked.

It seems like it might be a bad idea to invite people to the organization because the system is not capable of providing basic security or even two-factor authentication. It’s not clear what to do next. Any advice would be appreciated.

Just to inform you, Microsoft Outlook was compromised by a hacking group, so that could be the reason for this happening.

In a strange turn of events, the hackers have unexpectedly left the organization, leaving me as a ‘reader’. Still, OpenAI’s support remains unresponsive, which gives me the impression that they don’t prioritize their paid customers.

I’m uncertain about the reference to Outlook, as it’s not utilized in either our or OpenAI’s operations.

It may have nothing to do with it, just a possible attack vector for those using an outlook email.

Was your API key in the app itself or remotely handled?

1 Like

Regrettably, in the app (encrypted). But is OpenAI’s security really so lax that a hacker can take over an entire organization’s account with just an API key? Judging by this thread, it seems several developer accounts have been affected. Therefore, I’m inclined to believe that this isn’t just about the key – there appears to be a broader underlying issue.

1 Like
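The thread twice raises the question of where the API key lived: on the client side, or behind a relay server (as Foxabilo asks above), with the last reply saying it was shipped inside the app "encrypted". Encrypting a key inside a distributed app does not protect it, because the app must also carry whatever decrypts it. The sketch below is an added example, not code from this thread, from OpenAI or from any poster, of the relay-server pattern the linked best-practices article recommends: the provider key stays on the server in an environment variable (here the constructed name `PROVIDER_API_KEY`, with a placeholder fallback that is not a real key), each app install gets its own relay token stored only as a hash, and the relay enforces a per-token request budget and lets a single client be revoked without rotating the provider key. The upstream HTTP call is injected as a callable (`upstream`) so the demo runs offline against a fake; `UPSTREAM_URL` is a placeholder, not a real endpoint.

```python
"""Relay that keeps a third-party API key server-side (illustrative, constructed example)."""
import hashlib
import hmac
import os
import secrets

# Placeholder, not a real endpoint; a real relay would forward to the provider's API.
UPSTREAM_URL = "https://api.example.invalid/v1/chat/completions"


def hash_token(token: str) -> str:
    """Store only a SHA-256 digest of client tokens, never the token itself."""
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


class Relay:
    """Holds the provider key and a table of hashed client tokens with budgets."""

    def __init__(self, provider_key: str):
        self._provider_key = provider_key     # never returned to any client
        self._clients: dict[str, int] = {}    # token digest -> remaining requests

    def issue_token(self, budget: int) -> str:
        """Create a per-client relay token; only its digest is kept server-side."""
        token = secrets.token_urlsafe(32)
        self._clients[hash_token(token)] = budget
        return token

    def revoke(self, token: str) -> None:
        """Cut off one client without touching the provider key or other clients."""
        self._clients.pop(hash_token(token), None)

    def _lookup(self, token: str):
        """Constant-time comparison against every stored digest."""
        presented = hash_token(token)
        for digest in self._clients:
            if hmac.compare_digest(presented, digest):
                return digest
        return None

    def handle(self, client_token: str, payload: dict, upstream):
        """Authenticate the client, charge its budget, then forward with the real key.

        `upstream(url, headers, json)` must return (status_code, body).
        """
        digest = self._lookup(client_token)
        if digest is None:
            return 401, {"error": "invalid client token"}
        if self._clients[digest] <= 0:
            return 429, {"error": "client budget exhausted"}
        self._clients[digest] -= 1
        headers = {"Authorization": f"Bearer {self._provider_key}"}
        return upstream(UPSTREAM_URL, headers=headers, json=payload)


def demo():
    """Offline walk-through with a fake upstream; returns the observed statuses."""
    # Constructed fallback value; a deployment would set PROVIDER_API_KEY on the host.
    provider_key = os.environ.get("PROVIDER_API_KEY", "sk-PLACEHOLDER-not-a-real-key")
    relay = Relay(provider_key)
    seen_headers = []

    def fake_upstream(url, headers, json):
        seen_headers.append(headers)          # what the provider would receive
        return 200, {"echo": json}

    token = relay.issue_token(budget=2)
    statuses = [
        relay.handle("not-a-valid-token", {"q": 1}, fake_upstream)[0],  # 401
        relay.handle(token, {"q": 1}, fake_upstream)[0],                # 200
        relay.handle(token, {"q": 2}, fake_upstream)[0],                # 200
        relay.handle(token, {"q": 3}, fake_upstream)[0],                # 429
    ]
    relay.revoke(token)
    statuses.append(relay.handle(token, {"q": 4}, fake_upstream)[0])   # 401
    # The provider key reached the upstream only via the relay's own header.
    key_seen_upstream = all(h["Authorization"] == f"Bearer {provider_key}" for h in seen_headers)
    return statuses, key_seen_upstream


if __name__ == "__main__":
    print(demo())
```

The point for the thread's situation is the blast radius: if a relay token leaks out of an app, the operator revokes that one token and the provider key, billing and organization membership are untouched; the relay is also the natural place to log per-client usage, which is the monitoring a demoted "reader" can no longer do from the usage page.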