OpenAI rolls out lockdown mode for ChatGPT to combat prompt injection attacks

As reported by The Hacker News, OpenAI has introduced a new Lockdown Mode for ChatGPT, aimed at mitigating the risks associated with prompt injection attacks and potential data exfiltration for its personal account users.

Lockdown Mode is an optional security setting designed for users handling sensitive data, including those on Free, Go, Plus, Pro, and ChatGPT Business plans. This feature significantly reduces the risk of data exfiltration by limiting outbound network requests, a key vector for prompt injection attacks. While it does not prevent prompt injection entirely or alter memory and file upload functionalities, it aims to close potential data leakage pathways. Consequently, Lockdown Mode disables several features, including live web browsing (limited to cached content), image support, deep research, agent mode, Canvas networking, and file downloads.

OpenAI emphasizes that this mode is not for everyone and cannot be used concurrently with Developer Mode. Although Lockdown Mode substantially reduces the risk of data exfiltration, it does not offer a complete guarantee against it, as risks may persist through enabled apps or newly discovered techniques. This rollout follows OpenAI's recent launch of an account management feature allowing users to monitor and manage active ChatGPT sessions to detect unauthorized activity.

Source: The Hacker News