News | Data breach at an OpenAI partner

On November 9, 2025, a data security incident occurred at Mixpanel, an analytics service previously used by OpenAI for web analytics.

According to OpenAI, this was not a breach of OpenAI's own systems. Passwords, API keys, payment information, chats, prompts and responses were not exposed.

However, attackers may have obtained account names, email addresses, approximate locations, browser and operating system details, referral sources, as well as user or organization IDs.

The main risk associated with this type of exposure is phishing and more convincing fraudulent messages impersonating trusted services. OpenAI stated that it has stopped using Mixpanel and is notifying affected users.