Samsung Grapples with Unintended Leaks via ChatGPT

Samsung Semiconductor is grappling with a data leakage incident after its fab engineers began using OpenAI’s ChatGPT, for assistance. While ChatGPT proved useful in quickly resolving errors in source code, it also inadvertently exposed confidential information, including internal meeting notes and data on fab performance and yields.

Image credit:

Concerns have arisen following three instances of data leaks within a 20-day period at Samsung Semiconductor. One incident involved an employee inadvertently exposing a top-secret application by submitting its source code to ChatGPT for error resolution. Another case saw an employee inputting confidential test patterns for chip defect identification into ChatGPT for optimization—a move that could accelerate testing and cut costs. A third incident occurred when an employee used the Naver Clova application to transcribe a meeting recording into a document and subsequently submitted it to ChatGPT for aid in crafting a presentation. The series of leaks has underscored the need for heightened data security measures at the company.

To address these security concerns, Samsung has issued a warning to its employees about the potential dangers of using ChatGPT. Executives and employees have been informed that data entered into ChatGPT is transmitted to and stored on external servers, making retrieval impossible and heightening the risk of confidential information exposure. The company stressed that while ChatGPT is indeed a powerful tool, its open learning data feature could expose sensitive information to third parties—something considered unacceptable within the highly competitive semiconductor industry.

In its ongoing efforts to implement protective measures that will avert similar data leak incidents in the future, Samsung is considering the option of restricting access to ChatGPT on its corporate network should additional breaches take place. As reported by Economist, the company is also working towards the development of an in-house AI service, akin to ChatGPT, for secure internal use. In the interim, Samsung has established a safeguard by limiting the length of queries submitted to ChatGPT, imposing a maximum of 1024 bytes per question.