{"data":{"id":"c44ef0b5-bb09-456d-ba2a-76c7007a0e85","title":"OpenAI Rolling Out ChatGPT Account Security Controls","summary":"OpenAI is expanding two security features for ChatGPT accounts. Lockdown Mode helps prevent data exfiltration (unauthorized data theft) from prompt injection attacks (tricking an AI by hiding instructions in its input) by limiting outbound network requests, though it disables features like web browsing and file downloads. Active Sessions lets users see where their account is logged in and log out of unrecognized sessions.","solution":"OpenAI provides two explicit mitigations: (1) Enable Lockdown Mode in Settings > Security > Advanced Security to limit outbound network requests during prompt injection attacks, and (2) use Active Sessions in Settings > Security to review and log out of unrecognized account sessions. Additionally, OpenAI offers Advanced Account Security, which disables password-based login in favor of physical security keys or passkeys, replaces email/SMS account recovery with backup passkeys and recovery keys, and shortens sign-in sessions to reduce account takeover risk.","labels":["security"],"sourceUrl":"https://www.securityweek.com/openai-rolling-out-chatgpt-account-security-controls/","publishedAt":"2026-06-08T08:32:49.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":["prompt_injection"],"issueType":"news","affectedPackages":null,"affectedVendors":["OpenAI"],"affectedVendorsRaw":["OpenAI","ChatGPT"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-06-08T08:32:49.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}