OpenAI announces ChatGPT bug bounty program with up to $20,000 in rewards

OpenAI now rewards you for finding bugs in ChatGPT.

OpenAI announced on Tuesday(Opens in a new tab) a bug bounty program that rewards people between $200 and $20,000 for finding bugs in ChatGPT, the OpenAI plugins, the OpenAI API, and other related services. “We invite you to report vulnerabilities, bugs or security gaps that you discover in our systems,” the announcement reads. “By sharing your insights, you will play a vital role in making our technology safer for everyone.”

The tweet may have been deleted
(opens in a new tab)
(Opens in a new tab)

OpenAI’s launch of a bug bounty program follows a data breach and growing concerns about privacy risks. A bug was discovered a few weeks ago that exposed chat titles, the first message of new conversations and payment information of ChatGPT Plus users. OpenAI has also been studied extensively on how it protects user data, especially when it comes to minors. ChatGPT has been banned in Italy for this very reason. These issues, along with an open letter signed by Steve “Woz” Wozniak and Elon Musk calling for a six-month hiatus on AI systems, appear to have prompted OpenAI to publicly reaffirm its commitment to security.

The bug bounty program is managed by Bugcrowd(Opens in a new tab) which will handle the submissions and rewards. The monetary amount of the reward is based on the severity of the error. But don’t get too excited just yet. There are lengthy guidelines and rules of engagement for what is not rewarded. Jailbreaks, “causing the model to tell you bad things” and hallucinations are expressly outside the scope. Also, do not attempt attacks that could degrade, disrupt, or adversely affect services or user experience, such as B. a denial of service attack (DDoS) or fraud such as social engineering or phishing.

At the time of publication, four vulnerabilities have already been rewarded. let the hunt begin