A threat actor listed data allegedly stolen from AI chatbot aggregator OmniGPT for sale on a breach forum. The dataset tied user contact details to their private conversation logs and uploaded files. OmniGPT did not publicly acknowledge the incident.
Roughly 30,000 user emails and phone numbers plus about 34 million lines of chat messages, along with API keys and links to uploaded files, were put up for sale.
Aggregators that funnel prompts to multiple models must encrypt stored conversations and lock down the cloud storage holding user uploads.
Guardion enforces policy on every agent action inline — with visibility, tamper-evident evidence, and DLP for agents and MCPs.
Request a demo