OpenAI Confirms Employee Devices Hacked in Supply Chain Attack

Manaal Khan · 14 May 2026 at 10:13 pm · 4 min read
Key Takeaways

Source: TechCrunch
  • OpenAI confirmed two employee devices were compromised through malicious TanStack library updates
  • Attackers stole credentials from internal source code repositories but did not access user data or production systems
  • OpenAI is rotating digital certificates as a precaution, requiring macOS users to update the app

OpenAI confirmed Wednesday that hackers compromised two employee devices through a supply chain attack targeting the TanStack open source library. The company says it found no evidence that user data, production systems, or intellectual property were accessed.

The breach is part of a larger attack earlier this week where hackers hijacked several open source projects used by dozens of companies. They pushed updates designed to spread malware, a tactic that lets attackers potentially compromise many targets with a single hack.

What OpenAI Found

According to OpenAI's blog post, attackers gained unauthorized access to "a limited subset of internal source code repositories to which the two impacted employees had access." The company said only "limited credential material" was taken from these repositories.

The affected repositories contained digital certificates used to sign OpenAI's products. As a precaution, the company is rotating these certificates. This change will require macOS users to update the app.

"We have found no evidence of compromise or risk to existing software installations," OpenAI wrote.

The TanStack Attack

TanStack is a popular open source library that helps developers build web apps. On Monday, the project disclosed the attack and published a post-mortem.

Hackers published 84 malicious versions of TanStack software during a six-minute window, and a researcher detected the attack within 20 minutes.

The malicious TanStack versions contained malware designed to steal credentials from computers where the software was installed. The malware could also self-propagate to spread to other systems.

A Growing Pattern of Supply Chain Attacks

It's not clear who is behind the TanStack attack. Some past supply chain hacks have been attributed to a hacking gang known as TeamPCP, a group that was itself targeted by other hackers. But multiple groups now use these same tactics.

In March, North Korean hackers hijacked Axios, a popular open source development tool. They pushed malware that could have infected millions of developers. In May, Chinese hackers were accused of a similar attack targeting thousands of Windows computers running Daemon Tools disc imaging software.

The appeal of supply chain attacks is simple. Instead of targeting specific companies one by one, hackers take over trusted open source projects. They push malware disguised as routine updates. Developers and companies that depend on these tools unknowingly install the compromised code.

What This Means for Developers

The TanStack attack shows how quickly these supply chain compromises can spread. Eighty-four malicious versions were published in just six minutes. The attack was detected within 20 minutes, but that window was enough to compromise devices at OpenAI and likely other organizations.

Companies that use TanStack or other affected libraries should check their dependency versions against the malicious releases identified in TanStack's post-mortem. They should also audit systems for signs of credential theft or lateral movement.
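
The dependency check described above can be scripted against an npm lockfile. The following is an added example, not code from TechCrunch, OpenAI or TanStack; the package names and version numbers in it are constructed placeholders standing in for the list in TanStack's post-mortem, and the function names are hypothetical.

```javascript
// Added example. Names and versions are constructed placeholders, not the
// releases listed in TanStack's post-mortem; replace them with that list.
const DENYLIST = new Map([
  ["@tanstack/placeholder-a", new Set(["9.9.1", "9.9.2"])],
  ["@tanstack/placeholder-b", new Set(["3.0.7"])],
]);

// Constructed package-lock.json content (lockfileVersion 3 layout).
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/@tanstack/placeholder-a": { version: "9.9.0" },
    "node_modules/ui-kit/node_modules/@tanstack/placeholder-a": { version: "9.9.2" },
    "node_modules/@tanstack/placeholder-b": { version: "3.0.7" },
  },
};

// The package name is whatever follows the last "node_modules/" in a lockfile
// path, so nested (transitive) copies are matched as well as top-level ones.
function nameFromPath(path) {
  const marker = "node_modules/";
  const i = path.lastIndexOf(marker);
  return i === -1 ? null : path.slice(i + marker.length);
}

// Returns [{name, version, path}] for every locked entry on the denylist.
function findDenied(lock, denylist) {
  const hits = [];
  const check = (name, version, path) => {
    if (denylist.get(name)?.has(version)) hits.push({ name, version, path });
  };
  // lockfileVersion 2 and 3: flat "packages" map keyed by install path.
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    check(meta.name || nameFromPath(path), meta.version, path);
  }
  // lockfileVersion 1: nested "dependencies" tree.
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = `${trail}node_modules/${name}`;
      check(name, meta.version, path);
      walk(meta.dependencies, `${path}/`);
    }
  };
  if (!lock.packages) walk(lock.dependencies, "");
  return hits;
}

console.log(findDenied(SAMPLE_LOCK, DENYLIST));
```

To scan a real project, pass the parsed contents of its `package-lock.json` in place of `SAMPLE_LOCK`. A lockfile only records what is currently pinned, so a clean result does not show that a malicious version was never installed on a machine.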

Frequently Asked Questions

Was OpenAI user data stolen in the attack?

No. OpenAI says it found no evidence that user data was accessed, that production systems were compromised, or that its software was altered.

What is a supply chain attack?

A supply chain attack targets trusted software that other companies depend on. Instead of attacking companies directly, hackers compromise open source libraries or tools, then push malicious updates that spread to all users of that software.

Do I need to update my OpenAI app?

If you use the OpenAI macOS app, yes. OpenAI is rotating digital certificates as a precaution, which will require users to update the application.

Who was behind the TanStack attack?

It's not clear. Some past supply chain attacks have been attributed to a group called TeamPCP, but multiple hacking groups now use these tactics, including state-sponsored actors from North Korea and China.

Source: TechCrunch / Lorenzo Franceschi-Bicchierai

Manaal Khan

Tech & Innovation Writer
