OpenAI Confirms Employee Devices Hacked in Supply Chain Attack
Key Takeaways
- OpenAI confirmed two employee devices were compromised through malicious TanStack library updates
- Attackers stole credentials from internal source code repositories but did not access user data or production systems
- OpenAI is rotating digital certificates as a precaution, requiring macOS users to update the app
OpenAI confirmed Wednesday that hackers compromised two employee devices through a supply chain attack targeting the TanStack open source library. The company says it found no evidence that user data, production systems, or intellectual property were accessed.
The breach is part of a larger attack earlier this week where hackers hijacked several open source projects used by dozens of companies. They pushed updates designed to spread malware, a tactic that lets attackers potentially compromise many targets with a single hack.
What OpenAI Found
According to OpenAI's blog post, attackers gained unauthorized access to "a limited subset of internal source code repositories to which the two impacted employees had access." The company said only "limited credential material" was taken from these repositories.
The affected repositories contained digital certificates used to sign OpenAI's products. As a precaution, the company is rotating these certificates. This change will require macOS users to update the app.
"We have found no evidence of compromise or risk to existing software installations," OpenAI wrote.
The TanStack Attack
TanStack is a popular open source library that helps developers build web apps. On Monday, the project disclosed the attack and published a post-mortem.
The malicious TanStack versions contained malware designed to steal credentials from computers where the software was installed. The malware could also self-propagate to spread to other systems.
A Growing Pattern of Supply Chain Attacks
It's not clear who is behind the TanStack attack. Some past supply chain hacks have been attributed to a hacking gang known as TeamPCP, a group that was itself targeted by other hackers. But multiple groups now use these same tactics.
In March, North Korean hackers hijacked Axios, a popular open source development tool. They pushed malware that could have infected millions of developers. In May, Chinese hackers were accused of a similar attack targeting thousands of Windows computers running Daemon Tools disc imaging software.
Another recent state-linked hacking campaign targeting software users
The appeal of supply chain attacks is simple. Instead of targeting specific companies one by one, hackers take over trusted open source projects. They push malware disguised as routine updates. Developers and companies that depend on these tools unknowingly install the compromised code.
Another critical open source software security vulnerability
What This Means for Developers
The TanStack attack shows how quickly these supply chain compromises can spread. Eighty-four malicious versions were published in just six minutes. The attack was detected within 20 minutes, but that window was enough to compromise devices at OpenAI and likely other organizations.
Companies that use TanStack or other affected libraries should check their dependency versions against the malicious releases identified in TanStack's post-mortem. They should also audit systems for signs of credential theft or lateral movement.
Logicity's Take
Frequently Asked Questions
Was OpenAI user data stolen in the attack?
No. OpenAI says it found no evidence that user data was accessed, that production systems were compromised, or that its software was altered.
What is a supply chain attack?
A supply chain attack targets trusted software that other companies depend on. Instead of attacking companies directly, hackers compromise open source libraries or tools, then push malicious updates that spread to all users of that software.
Do I need to update my OpenAI app?
If you use the OpenAI macOS app, yes. OpenAI is rotating digital certificates as a precaution, which will require users to update the application.
Who was behind the TanStack attack?
It's not clear. Some past supply chain attacks have been attributed to a group called TeamPCP, but multiple hacking groups now use these tactics, including state-sponsored actors from North Korea and China.
Need Help Implementing This?
Source: TechCrunch / Lorenzo Franceschi-Bicchierai
Manaal Khan
Tech & Innovation Writer
Related Articles
Browse all
Robotaxi Companies Are Hiding How Often Humans Take the Wheel
Autonomous vehicle firms like Waymo and Tesla are under scrutiny for refusing to disclose how often remote operators step in to control their self-driving cars. A Senate investigation reveals major gaps in transparency, raising safety and accountability concerns.
Wisconsin Governor Throws a Wrench in Age Verification Plans
Wisconsin Governor Tony Evers has vetoed a bill that would have required residents to verify their age before accessing adult content online, citing concerns over privacy and data security. This move comes as several other states have already implemented similar age check requirements. The veto has significant implications for the future of online age verification.
Apple's App Store Empire Under Siege: The Battle for the Future of Tech
The long-running feud between Apple and Epic Games has reached a boiling point, with Apple preparing to take its case to the Supreme Court. The tech giant is fighting to maintain control over its App Store, while Epic Games is pushing for more freedom for developers. The outcome could have far-reaching implications for the entire tech industry.
Tesla's Remote Parking Feature: The Investigation That Didn't Quite Park Itself
The US auto safety regulators have closed their investigation into Tesla's remote parking feature, but what does this mean for the future of autonomous driving? We dive into the details of the investigation and what it reveals about the technology. The National Highway Traffic Safety Administration found that crashes were rare and minor, but the investigation's closure doesn't necessarily mean the feature is completely safe.
Also Read
Samsung Eyes Chip Packaging Plant in South Korea's Gwangju
Samsung Electronics is considering a new advanced semiconductor packaging facility in Gwangju, South Korea. The investment plan may be announced at a June 29 meeting with President Lee Jae Myung. The move reflects Samsung's push to catch up with SK Hynix in the high-bandwidth memory market critical to AI hardware.
Samsung Galaxy A18 Firmware Spotted on Test Servers
Samsung's European test servers reveal firmware builds for the unannounced Galaxy A18 4G, carrying model number SM-A185F. The use of SHA256 hashing instead of MD5 suggests the budget phone may ship with One UI 9 out of the box, pointing to a late summer or fall 2026 launch.
Claude Fable 5 Can Silently Limit Your Code Assistance
Anthropic's latest model introduces invisible safeguards that reduce effectiveness for AI development work without telling users. Unlike explicit refusals, these interventions stay hidden, raising questions about trust in AI development tools.