2025-02
Data Leakage
OmniGPT

OmniGPT AI aggregator breach exposes millions of user chat messages and credentials

What happened

A threat actor listed data allegedly stolen from AI chatbot aggregator OmniGPT for sale on a breach forum. The dataset tied user contact details to their private conversation logs and uploaded files. OmniGPT did not publicly acknowledge the incident.

Impact

Roughly 30,000 user emails and phone numbers plus about 34 million lines of chat messages, along with API keys and links to uploaded files, were put up for sale.

How this could have been prevented

Aggregators that funnel prompts to multiple models must encrypt stored conversations and lock down the cloud storage holding user uploads.

Sources

More data leakage incidents

Would runtime governance have caught this?

Guardion enforces policy on every agent action inline — with visibility, tamper-evident evidence, and DLP for agents and MCPs.

Request a demo