ChatGPT developer OpenAI has launched a bug bounty program offering up to $20,000 to users reporting security vulnerabilities in its artificial intelligence products.
“We invite you to report vulnerabilities, bugs, or security flaws you discover in our systems,” OpenAI said in an announcement. “Our rewards range from $200 for low-severity findings to up to $20,000 for exceptional discoveries.”
Security issues eligible for cash rewards include those in OpenAI APIs, public cloud resources or infrastructure involved in serving the OpenAI API, ChatGPT, including ChatGPT Plus, logins, subscriptions, OpenAI-created plugins and all other functionality, as well as third party corporate targets, and OpenAI API keys.
The program, which will be managed through Bugcrowd, will not cover jailbreaks or text prompts that violate ChatGPT’s rules.
The move comes days after Italy temporarily banned OpenAI’s ChatGPT chatbot and launched a probe over the AI tool's suspected breach of privacy laws. The watchdog alleges that ChatGPT has been illegally collecting user data and failing to protect minors. The regulator claims there's no “legal basis” for OpenAI's mass collection and storage of data for training ChatGPT's model and that the app is not always processing the information correctly.