New Delhi, Nov. 28 -- OpenAI has disclosed that Mixpanel, a third-party analytics provider it used for web analytics on platform.openai.com, suffered an intrusion. Mixpanel discovered an attacker had exported a dataset from its systems on November 9, 2025, and shared the affected dataset with OpenAI on November 25, 2025. OpenAI stresses the incident did not involve unauthorised access to its own infrastructure.

According to OpenAI, the exported Mixpanel dataset may have contained limited customer-identifiable and analytics information tied to users of the API platform. The company lists the categories that may have been affected:

Name provided on the API account

Email address associated with the API account

Approximate coarse location...