Submit by 11:59 PM, 27 Nov

Respected Magnus T��nnesen, We are writing to keep you informed about an issue involving one of our former telemetry partners that previously supported limited analytics for the web interface of our API platform (platform.openai.com). A security event within that vendor���s systems resulted in the exposure of a small set of analytics records tied to your API account activity. Importantly, this incident did not involve any compromise of OpenAI infrastructure. No message content, API requests, API keys, passwords, payment details, authentication data, usage logs, or identity documents were accessed. Summary of the incident On November 9, 2025, the analytics provider identified unauthorized activity affecting part of their computing environment. A threat actor extracted a dataset containing restricted metadata and customer-associated identifiers. The vendor notified us promptly, and on November 25, 2025, we received the exported dataset for examination. How this may affect your account Some information generated through your interactions on platform.openai.com may have been included. Potential data elements consist of: Name on the API account Associated email address Approximate location based on browser signals (city, region, country) Browser and operating system details Referrer page/domain Internal OpenAI User or Organization IDs Actions taken by OpenAI After verifying the vendor���s report, we immediately ended their access to our production environment, performed a detailed internal review, and engaged our security partners to evaluate the full scope of the incident. We are contacting all organizations and users who may have been impacted. To date, we have seen no signs of misuse or exposure involving OpenAI systems or datasets. We have permanently discontinued use of this vendor and are expanding security reviews across our full partner ecosystem. Recommendations Because names, emails, and OpenAI identifiers were included in the vendor���s export, there is a possibility of phishing or impersonation attempts. We suggest: Be cautious with unexpected messages, links, or attachments Verify that communications claimed to be from OpenAI originate from legitimate OpenAI domains Remember: We will never ask for API keys, passwords, or MFA codes through email or chat Enable multi-factor authentication on your account to improve security Our commitment to safeguarding your information remains absolute. Thank you for your continued trust. If you would like additional details about this event, see our full report at the link provided. For assistance, your account representative���or our team at mixpanelincident@openai.com ���is available to help. OpenAI 1455 3rd Street, San Francisco, CA 94158 Unsubscribe Alternative Version 2 ��� 90% New Wording Dear Magnus T��nnesen, We are contacting you to share information about a recent security issue involving a third-party analytics vendor that previously collected limited telemetry for the web interface of our API service. A breach occurred in the vendor���s environment, resulting in the disclosure of a subset of analytics entries related to your API account. To be clear: OpenAI systems were not breached, and no sensitive account materials such as chat logs, API content, API keys, authentication information, usage details, or payment data were involved. Incident overview On November 9, 2025, the analytics vendor detected unauthorized access to part of their infrastructure. The attacker extracted a data file containing selected customer fields and metadata generated from browser interactions. After completing their investigation, the vendor delivered the affected dataset to us on November 25, 2025. Potential data included Some analytics fields connected with your use of the platform may be part of the exported data, including: Account name Account email City/region/country inferred from the browser Browser type and OS version Referral source/domain OpenAI internal identifiers (Org ID / User ID) Our immediate response We removed the vendor from our production workflow, fully audited the dataset, and worked with external partners to confirm impact boundaries. We are notifying all affected organizations and individuals. Our investigation shows no effect on any OpenAI systems or protected datasets. Additionally, we have terminated this vendor relationship and initiated a larger review of our third-party ecosystem to reinforce future safeguards. Staying safe The information accessed could be used for misleading emails or identity-based social engineering. To protect yourself: Treat unexpected messages with skepticism Confirm that messages claiming to be from OpenAI come from official OpenAI domains Remember: OpenAI never asks for API keys, passwords, or MFA codes Enable multi-factor authentication to add an additional security layer We value your trust and transparency and will continue to communicate openly about security matters. For additional details, please review the full incident post. If you need support, contact your OpenAI representative or email mixpanelincident@openai.com . OpenAI 1455 3rd Street, San Francisco, CA 94158 Unsubscribe Alternative Version 3 ��� 90% New Wording Hello Magnus T��nnesen, To ensure full transparency, we are informing you about a security incident that occurred within an external analytics provider previously used for limited website telemetry on platform.openai.com. A breach within the vendor���s systems led to the exposure of certain analytics metadata associated with your API account. This event did not involve OpenAI infrastructure, and none of your API content, keys, credentials, usage information, payment data, chat data, or verification materials were touched. What occurred On November 9, 2025, the vendor identified suspicious activity in part of their cloud environment. An attacker exported a dataset that included constrained user-linked metadata. The vendor notified us shortly after and supplied the dataset to OpenAI on November 25, 2025, enabling our assessment. Data possibly included Your analytics-derived information may appear in the extracted dataset, such as: Display name for the API account Email address associated with the account General browser-derived geolocation (city / region / country) Browser/OS details Referral site information OpenAI internal organization and user identifiers Steps we have taken Upon learning of the issue, we immediately removed the vendor from our production pipeline, performed a comprehensive analysis of the impacted data, and coordinated with the vendor and relevant security teams. We have no evidence of compromise to any OpenAI service, system, or dataset. We have ended use of this vendor entirely and launched expanded verification of all service providers with access to any OpenAI data pathways. Important reminders Since email and identity-related fields were part of the export, attackers may attempt phishing or impersonation. Please keep in mind: Be cautious of unexpected emails or messages Validate that communications from OpenAI originate from legitimate OpenAI domains OpenAI will never request passwords, API keys, or MFA codes Enable MFA to strengthen account security We appreciate your understanding and your trust as we uphold our commitment to user safety and transparency. For further detail, please consult the incident write-up. If you need support, you may contact your account manager or email mixpanelincident@openai.com . OpenAI 1455 3rd Street, San Francisco, CA 94158 Unsubscribe

VETERAN/SAVINGS YOUR SERVICE DESERVES LOWER AUTO RATES ���� MILITARY HOUSEHOLDS CAN SAVE HUNDREDS PER YEAR ON AUTO INSURANCE. CHECK YOUR RATE IN 60 SECONDS! ��� GET MY QUOTES ���� ���� SERIOUS SAVINGS ���� NO HIDDEN FEES ���� EXCLUSIVE DISCOUNTS ������ QUICK AND EASY ��� TRUSTED BY THOUSANDS ���� FLEXIBLE PAYMENTS UNLOCK YOUR BEST INSURANCE RATE TODAY! ���� COMPARE MULTIPLE QUOTES TAILORED FOR MILITARY FAMILIES. IT���S FAST, FREE, AND EASY! ���� COMPARE QUOTES NOW ���� TO UNSUBSCRIBE, CLICK HERE OR WRITE TO: 128 SUNSET BLVD #1132, NEW CASTLE, DE 19720 THIS IS AN ADVERTISEMENT. INSURANCE EXCESS PROTECTION 3434-135 KILDAISE FARM ROAD, CARY, NC 27518, US DON'T WANT EMAILS LIKE THIS? UNSUBSCRIBE HERE.

��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ���

Respected Magnus T��nnesen, We are writing to keep you informed about an issue involving one of our former telemetry partners that previously supported limited analytics for the web interface of our API platform (platform.openai.com). A security event within that vendor���s systems resulted in the exposure of a small set of analytics records tied to your API account activity. Importantly, this incident did not involve any compromise of OpenAI infrastructure. No message content, API requests, API keys, passwords, payment details, authentication data, usage logs, or identity documents were accessed. Summary of the incident On November 9, 2025, the analytics provider identified unauthorized activity affecting part of their computing environment. A threat actor extracted a dataset containing restricted metadata and customer-associated identifiers. The vendor notified us promptly, and on November 25, 2025, we received the exported dataset for examination. How this may affect your account Some information generated through your interactions on platform.openai.com may have been included. Potential data elements consist of: Name on the API account Associated email address Approximate location based on browser signals (city, region, country) Browser and operating system details Referrer page/domain Internal OpenAI User or Organization IDs Actions taken by OpenAI After verifying the vendor���s report, we immediately ended their access to our production environment, performed a detailed internal review, and engaged our security partners to evaluate the full scope of the incident. We are contacting all organizations and users who may have been impacted. To date, we have seen no signs of misuse or exposure involving OpenAI systems or datasets. We have permanently discontinued use of this vendor and are expanding security reviews across our full partner ecosystem. Recommendations Because names, emails, and OpenAI identifiers were included in the vendor���s export, there is a possibility of phishing or impersonation attempts. We suggest: Be cautious with unexpected messages, links, or attachments Verify that communications claimed to be from OpenAI originate from legitimate OpenAI domains Remember: We will never ask for API keys, passwords, or MFA codes through email or chat Enable multi-factor authentication on your account to improve security Our commitment to safeguarding your information remains absolute. Thank you for your continued trust. If you would like additional details about this event, see our full report at the link provided. For assistance, your account representative���or our team at mixpanelincident@openai.com ���is available to help. OpenAI 1455 3rd Street, San Francisco, CA 94158 Unsubscribe Alternative Version 2 ��� 90% New Wording Dear Magnus T��nnesen, We are contacting you to share information about a recent security issue involving a third-party analytics vendor that previously collected limited telemetry for the web interface of our API service. A breach occurred in the vendor���s environment, resulting in the disclosure of a subset of analytics entries related to your API account. To be clear: OpenAI systems were not breached, and no sensitive account materials such as chat logs, API content, API keys, authentication information, usage details, or payment data were involved. Incident overview On November 9, 2025, the analytics vendor detected unauthorized access to part of their infrastructure. The attacker extracted a data file containing selected customer fields and metadata generated from browser interactions. After completing their investigation, the vendor delivered the affected dataset to us on November 25, 2025. Potential data included Some analytics fields connected with your use of the platform may be part of the exported data, including: Account name Account email City/region/country inferred from the browser Browser type and OS version Referral source/domain OpenAI internal identifiers (Org ID / User ID) Our immediate response We removed the vendor from our production workflow, fully audited the dataset, and worked with external partners to confirm impact boundaries. We are notifying all affected organizations and individuals. Our investigation shows no effect on any OpenAI systems or protected datasets. Additionally, we have terminated this vendor relationship and initiated a larger review of our third-party ecosystem to reinforce future safeguards. Staying safe The information accessed could be used for misleading emails or identity-based social engineering. To protect yourself: Treat unexpected messages with skepticism Confirm that messages claiming to be from OpenAI come from official OpenAI domains Remember: OpenAI never asks for API keys, passwords, or MFA codes Enable multi-factor authentication to add an additional security layer We value your trust and transparency and will continue to communicate openly about security matters. For additional details, please review the full incident post. If you need support, contact your OpenAI representative or email mixpanelincident@openai.com . OpenAI 1455 3rd Street, San Francisco, CA 94158 Unsubscribe Alternative Version 3 ��� 90% New Wording Hello Magnus T��nnesen, To ensure full transparency, we are informing you about a security incident that occurred within an external analytics provider previously used for limited website telemetry on platform.openai.com. A breach within the vendor���s systems led to the exposure of certain analytics metadata associated with your API account. This event did not involve OpenAI infrastructure, and none of your API content, keys, credentials, usage information, payment data, chat data, or verification materials were touched. What occurred On November 9, 2025, the vendor identified suspicious activity in part of their cloud environment. An attacker exported a dataset that included constrained user-linked metadata. The vendor notified us shortly after and supplied the dataset to OpenAI on November 25, 2025, enabling our assessment. Data possibly included Your analytics-derived information may appear in the extracted dataset, such as: Display name for the API account Email address associated with the account General browser-derived geolocation (city / region / country) Browser/OS details Referral site information OpenAI internal organization and user identifiers Steps we have taken Upon learning of the issue, we immediately removed the vendor from our production pipeline, performed a comprehensive analysis of the impacted data, and coordinated with the vendor and relevant security teams. We have no evidence of compromise to any OpenAI service, system, or dataset. We have ended use of this vendor entirely and launched expanded verification of all service providers with access to any OpenAI data pathways. Important reminders Since email and identity-related fields were part of the export, attackers may attempt phishing or impersonation. Please keep in mind: Be cautious of unexpected emails or messages Validate that communications from OpenAI originate from legitimate OpenAI domains OpenAI will never request passwords, API keys, or MFA codes Enable MFA to strengthen account security We appreciate your understanding and your trust as we uphold our commitment to user safety and transparency. For further detail, please consult the incident write-up. If you need support, you may contact your account manager or email mixpanelincident@openai.com . OpenAI 1455 3rd Street, San Francisco, CA 94158 Unsubscribe