Supply chain
β Supply Chain
OpenAI Third-Party Breach (November 2025)
Primary Source βIncident Details
In 2025, OpenAI experienced a data security incident via a third-party vendor relationship. The compromised
third-party vendor was Mixpanel. Source reporting:
https://www.bleepingcomputer.com/news/security/openai-discloses-api-customer-data-breach-via-mixpanel-vendor-hack/
Technical Details
- Initial Attack Vector
- Compromise of third-party service provider / vendor relationship
- Vendor / Product
- Mixpanel
- Supply Chain Attack
- β Confirmed third-party / vendor compromise
Timeline
- 2025-11-01 Breach occurred
- 2025-11-01 Publicly disclosed