OpenAI said Wednesday that user metadata tied to its API platform was exposed in a security incident at analytics provider Mixpanel, prompting the AI company to halt its use of the service and begin notifying affected customers.
Mixpanel, which provides product analytics and event-tracking services for websites and apps, disclosed on November 27, 2025 that it detected a smishing-driven intrusion on November 8. The attack allowed an unauthorized party to access part of its systems and export customer datasets. The company said only a “limited number” of customers were affected.
OpenAI—one of those customers—said it used Mixpanel exclusively for web analytics on the frontend interface of its API product (platform.openai.com), helping the company understand API usage patterns and improve developer diagnostics. In a November 26, 2025 transparency notice, OpenAI emphasized that the breach occurred solely within Mixpanel’s environment.
“This was not a breach of OpenAI’s systems,” the company said. “No chat, API requests, API usage data, passwords, credentials, API keys, payment details, or government IDs were compromised or exposed.”
According to OpenAI, the attacker obtained a dataset containing names, email addresses, approximate location data based on user browsers, operating systems and browsers used, referring websites, and OpenAI organization/user IDs. The company said it immediately removed Mixpanel from production, reviewed the datasets it received on November 25, and began notifying affected organizations and admins.
OpenAI warned that the stolen metadata “could be used as part of phishing or social engineering attacks,” advising users to be wary of unexpected emails and reaffirming that “OpenAI does not request passwords, API keys, or verification codes through email, text, or chat.”
In its November 27 incident statement, Mixpanel CEO Jen Taylor said the company “promptly executed our incident response processes,” including credential rotation, session revocation, password resets for all employees, blocking malicious IPs, and deploying new controls to “detect and block similar activity going forward.” Taylor added: “If you have not heard from us directly, you were not impacted.”
The breach adds pressure to the broader analytics ecosystem, where third-party tracking and telemetry services have increasingly become a weak link in AI and SaaS supply chains. Industry data suggests that a majority of SaaS-related breaches originate in vendor integrations rather than core platforms—one reason OpenAI said it is now conducting “additional and expanded security reviews across our vendor ecosystem.”
The company said it continues to monitor for any misuse of the exported metadata and will update customers if the scope changes.
