OpenAI Launches Its Own Bug Bounty Program

OpenAI, the company behind the ChatGPT AI chatbot, has announced the launch of a bug bounty program – a reward for discovering vulnerabilities. Researchers are promised to be paid up to $20,000 for vulnerabilities found in ChatGPT and other OpenAI products and assets.

Registered security researchers will be able to search for bugs in the manufacturer’s product line and receive rewards for reporting them through the Bugcrowd crowdsourcing platform. The amount of the reward will depend on the severity and potential impact of the discovered issues, ranging from $200 for minor bugs to $20,000 for extremely serious vulnerabilities.

Although the OpenAI Application Programming Interface (API) and the ChatGPT chatbot are part of the bug bounty program, the company is asking researchers to report chatbot AI issues via a separate form if the bugs do not impact security.

Other issues that fall outside the scope of the bounty program include jailbreaks and security bypasses that ChatGPT users are using to force the ChatGPT chatbot to ignore rules set by OpenAI engineers.

As a reminder, last month, Chat-GPT users suffered a data breach in which users saw other people’s AI requests, and some ChatGPT Plus subscribers saw other people’s personal data, including the subscriber’s name, email address, billing address, as well as recent four digits of the bank card number and its expiration date.