OpenAI confirmed a data breach involving its API platform users after hackers accessed third-party vendor Mixpanel on November 9, 2025. Affected data included organisation/user IDs, usernames, and email addresses, though OpenAI's systems were not compromised. OpenAI is notifying impacted users and has terminated its relationship with Mixpanel, stating, "We are working closely with Mixpanel to understand the incident." The breach raises security concerns, especially potential phishing attacks.