OpenAI’s Lockdown Mode is trying to solve the problem that it created
Summary
OpenAI introduced Lockdown Mode to reduce data exfiltration (unauthorized theft of data), a security feature that disables external capabilities like web browsing and file downloads. However, security experts say the mode only partially limits data theft and doesn't fully block it, especially since attackers could find alternate paths (prompt injection, or tricking an AI by hiding instructions in its input) to steal data.
Solution / Mitigation
Lockdown Mode can be activated within OpenAI products' settings and limits web browsing to cached content, limits image support, disables Deep Research and Agent Mode, denies users the ability to approve Canvas-generated code to access the network, and prevents ChatGPT from downloading files for data analysis, though it can still operate on manually uploaded files. Alternatively, security professionals can implement isolation through their own enterprise controls such as network segmentation, least privilege access, Zero Trust concepts, application controls, and air-gapping (physically isolating networks).
Classification
Affected Vendors
Related Issues
Original source: https://www.csoonline.com/article/4182650/openais-lockdown-mode-is-trying-to-solve-the-problem-that-it-created.html
First tracked: June 9, 2026 at 02:00 AM
Classified by LLM (prompt v3) · confidence: 85%