INC-25-0046 confirmed high OpenAI Mixpanel Vendor Data Breach — Customer Data Exfiltrated via SMS Phishing (2025)
Incident Details
| Date Occurred | 2025-11 |
| Severity | high |
| Evidence Level | primary |
| Impact Level | Organization-wide |
| Domain | Security & Cyber |
| Primary Pattern | PAT-SEC-005 Model Inversion & Data Extraction |
| Regions | global |
| Sectors | Technology |
| Affected Groups | Business Organizations |
| Exposure Pathways | Infrastructure Dependency |
| Causal Factors | Social Engineering, Inadequate Access Controls |
| Assets & Technologies | Content Platforms, Identity Credentials |
| Entities | Mixpanel (developer, victim), OpenAI (deployer, victim), Unknown SMS phishing attacker (threat actor) |
| Harm Types | financial, rights violation |
An attacker gained access to OpenAI's analytics vendor Mixpanel via SMS phishing, exfiltrating API business customer data including names, emails, and organization IDs. OpenAI terminated its relationship with Mixpanel after the breach. The incident highlighted supply chain security risks in the AI vendor ecosystem.
Incident Summary
In November 2025, an attacker gained access to Mixpanel — OpenAI’s analytics vendor — through an SMS phishing attack, subsequently exfiltrating OpenAI API business customer data including names, email addresses, and organization identifiers.[1] The breach was disclosed in January 2026, at which point OpenAI terminated its relationship with Mixpanel.[2] The incident represents a supply chain security failure where the compromise of a third-party analytics vendor provided access to sensitive customer information from one of the world’s largest AI companies.[3] The SMS phishing vector — one of the most basic social engineering techniques — underscores that the security of AI companies’ customer data depends not only on the AI company’s own security practices but on the security posture of every vendor in the supply chain, including analytics, monitoring, and support tools that handle customer metadata.
Key Facts
- Attack vector: SMS phishing against Mixpanel employee[1]
- Data exfiltrated: Names, emails, organization IDs of API business customers[1]
- Vendor: Mixpanel (analytics platform)[1]
- Response: OpenAI terminated Mixpanel relationship[2]
- Timing: Breach Nov 2025, disclosed Jan 2026[1]
Threat Patterns Involved
Primary: Model Inversion & Data Extraction — While not a model inversion attack in the technical sense, the breach resulted in the extraction of customer data from OpenAI’s ecosystem through a vendor compromise, demonstrating how data can be extracted from AI companies through their supply chain rather than through the AI systems themselves.
Significance
- AI vendor supply chain risk — The breach demonstrates that AI companies’ customer data is only as secure as the weakest vendor in their supply chain, with analytics platforms representing a particularly sensitive attack surface given their access to customer usage data
- SMS phishing simplicity — The use of SMS phishing — a basic social engineering technique — to compromise a vendor with access to OpenAI customer data highlights the gap between the sophistication of AI technology and the basic security failures that can expose its users
- Vendor termination response — OpenAI’s termination of Mixpanel after the breach signals that AI companies may enforce zero-tolerance security standards on vendors, potentially reshaping vendor security requirements in the AI ecosystem
- Customer metadata value — The exfiltrated data (names, emails, org IDs of API business customers) provides a targeting list of organizations using OpenAI’s API, which could be used for subsequent phishing, competitive intelligence, or targeted attacks
Timeline
- Attacker gains access to Mixpanel via SMS phishing
- OpenAI API business customer data exfiltrated (names, emails, org IDs)
- Breach disclosed; OpenAI terminates relationship with Mixpanel
Outcomes
- Recovery: OpenAI terminated Mixpanel relationship; affected customers notified
Use in Retrieval
INC-25-0046 documents OpenAI Mixpanel Vendor Data Breach — Customer Data Exfiltrated via SMS Phishing, a high-severity incident classified under the Security & Cyber domain and the Model Inversion & Data Extraction threat pattern (PAT-SEC-005). It occurred in 2025-11 and is global in regional scope. This page is maintained by TopAIThreats.com as part of an evidence-based registry of AI-enabled threats. Cite as: TopAIThreats.com, "OpenAI Mixpanel Vendor Data Breach — Customer Data Exfiltrated via SMS Phishing," INC-25-0046, last updated 2026-03-29.
Sources
- OpenAI Mixpanel vendor data breach disclosure (news, 2026-01)
  https://openai.com/index/mixpanel-incident
- OpenAI terminates Mixpanel after data exfiltration (news, 2026-01)
  https://bleepingcomputer.com
- OpenAI vendor breach via SMS phishing analysis (analysis, 2026-01)
  https://pymnts.com
Update Log
- — First logged (Status: Confirmed, Evidence: Primary)