New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration
Summary
OpenAI has launched Lockdown Mode, a security feature for ChatGPT that reduces the risk of data exfiltration from prompt injection attacks (tricking an AI by hiding malicious instructions in its input) by limiting tools that connect to external services. The mode disables features like web browsing, image retrieval, file downloads, and certain agent capabilities to block potential pathways attackers could use to steal sensitive data, though it does not completely eliminate all exfiltration risks.
Solution / Mitigation
OpenAI recommends enabling Lockdown Mode, described as "an optional advanced security setting that limits many tools and capabilities in OpenAI products that can connect to the web or external services." The feature specifically disables live web browsing, image support, deep research agent mode, canvas networking, and file downloads. Additionally, OpenAI has launched a new account management feature that enables users to "review active ChatGPT sessions and log out of individual or all sessions if signs of unauthorized account activity are detected."
Classification
Affected Vendors
Related Issues
Original source: https://thehackernews.com/2026/06/new-chatgpt-lockdown-mode-limits-tools.html
First tracked: June 6, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 95%