
Fraudsters Create Fake OpenAI Organizations Targeting Cybersecurity Firms

In a nutshell: Attackers create fake OpenAI organizations in the names of legitimate companies and lure employees with invitations to steal sensitive data.

Attackers register OpenAI organizations under the names of legitimate companies and send fake invitations to their employees to trick them into uploading sensitive business data to chat and project features.

Threat actors exploit OpenAI’s mechanism for creating organization tenants by registering accounts under the names of well-known companies — including several cybersecurity firms. The fake organizations are not operated by the actual companies and serve as vehicles for phishing attacks.

The attackers then send invitations to employees of the targeted companies to trick them into joining. Once users join the fake organization, they are deceived into uploading corporate data to OpenAI chats and ChatGPT’s project feature — or sharing sensitive information directly in chat messages.

This poses a risk to CISOs and security managers, as employees typically cannot distinguish between a legitimate corporate invitation and a fraudulent message. The stolen or captured information can subsequently be misused for further attacks or extortion, or sold on dark web markets.

The vulnerability shows that OpenAI has not yet implemented a robust verification mechanism for the authenticity of organizations. Organizations should instruct their employees to accept OpenAI organization invitations only through official channels and not to enter business data or internal information into such tenants.


Source: www.bleepingcomputer.com · Published June 26, 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrasing and classification through Lumi News Pipeline v1.7.1.
