Skip to Content
logologo
AI Incident Database
Open TwitterOpen RSS FeedOpen FacebookOpen LinkedInOpen GitHub
Open Menu
Discover
Submit
  • Welcome to the AIID
  • Discover Incidents
  • Spatial View
  • Table View
  • List view
  • Entities
  • Taxonomies
  • Submit Incident Reports
  • Submission Leaderboard
  • Blog
  • AI News Digest
  • Risk Checklists
  • Random Incident
  • Sign Up
Collapse
Discover
Submit
  • Welcome to the AIID
  • Discover Incidents
  • Spatial View
  • Table View
  • List view
  • Entities
  • Taxonomies
  • Submit Incident Reports
  • Submission Leaderboard
  • Blog
  • AI News Digest
  • Risk Checklists
  • Random Incident
  • Sign Up
Collapse
Entities

PayPal

Incidents involved as both Developer and Deployer

Incident 7481 Report
Erroneous Declined Transaction Notification by PayPal AI Assistant

2024-06-19

On July 13th, 2024, a user reported an incident involving PayPal's generative AI chatbot. The chatbot allegedly incorrectly informed the user of a declined transaction that never occurred, causing confusion and prompting a call to customer service for clarification. This false alert suggests a flaw in the AI system's reliability. The incident created unnecessary labor for both the user and PayPal's human support, demonstrating the potential harm of deploying generative AI without thorough testing and error handling mechanisms.

More

Incidents Harmed By

Incident 9561 Report
Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

2025-02-28

A dataset used to train large language models allegedly contained 12,000 live API keys and authentication credentials. Some of these were reportedly still active and allowed unauthorized access. Truffle Security found these secrets in a December 2024 Common Crawl archive, which spans 250 billion web pages. The affected credentials could have been exploited for unauthorized data access, service disruptions, financial fraud, and a variety of other malicious uses.

More

Related Entities
Other entities that are related to the same incident. For example, if the developer of an incident is this entity but the deployer is another entity, they are marked as related entities.
 

Entity

Kiri Wagstaff

Incidents Harmed By
  • Incident 748
    1 Report

    Erroneous Declined Transaction Notification by PayPal AI Assistant

More
Entity

PayPal customer service representatives

Incidents Harmed By
  • Incident 748
    1 Report

    Erroneous Declined Transaction Notification by PayPal AI Assistant

More
Entity

PayPal customers

Incidents Harmed By
  • Incident 748
    1 Report

    Erroneous Declined Transaction Notification by PayPal AI Assistant

More
Entity

Microsoft

Incidents involved as both Developer and Deployer
  • Incident 956
    1 Report

    Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

Incidents Harmed By
  • Incident 956
    1 Report

    Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

More
Entity

OpenAI

Incidents involved as both Developer and Deployer
  • Incident 956
    1 Report

    Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

More
Entity

Common Crawl

Incidents involved as both Developer and Deployer
  • Incident 956
    1 Report

    Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

More
Entity

Microsoft Azure OpenAI Service

Incidents involved as Deployer
  • Incident 956
    1 Report

    Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

More
Entity

AWS

Incidents Harmed By
  • Incident 956
    1 Report

    Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

More
Entity

Slack

Incidents Harmed By
  • Incident 956
    1 Report

    Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

More
Entity

Mailchimp

Incidents Harmed By
  • Incident 956
    1 Report

    Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

More
Entity

Google

Incidents Harmed By
  • Incident 956
    1 Report

    Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

More
Entity

Intel

Incidents Harmed By
  • Incident 956
    1 Report

    Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

More
Entity

Huawei

Incidents Harmed By
  • Incident 956
    1 Report

    Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

More
Entity

IBM

Incidents Harmed By
  • Incident 956
    1 Report

    Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

More
Entity

Tencent

Incidents Harmed By
  • Incident 956
    1 Report

    Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

More
Entity

Common Crawl dataset (December 2024 archive)

Incidents implicated systems
  • Incident 956
    1 Report

    Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

More
Entity

Microsoft Copilot

Incidents implicated systems
  • Incident 956
    1 Report

    Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

More
Entity

Google Gemini

Incidents implicated systems
  • Incident 956
    1 Report

    Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

More
Entity

Anthropic Claude

Incidents implicated systems
  • Incident 956
    1 Report

    Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

More
Entity

ChatGPT

Incidents implicated systems
  • Incident 956
    1 Report

    Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

More
Entity

xAI Grok

Incidents implicated systems
  • Incident 956
    1 Report

    Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

More
Entity

DeepSeek

Incidents implicated systems
  • Incident 956
    1 Report

    Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

More
Entity

LLMs trained on compromised data

Incidents implicated systems
  • Incident 956
    1 Report

    Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks

More

Research

  • Defining an “AI Incident”
  • Defining an “AI Incident Response”
  • Database Roadmap
  • Related Work
  • Download Complete Database

Project and Community

  • About
  • Contact and Follow
  • Apps and Summaries
  • Editor’s Guide

Incidents

  • All Incidents in List Form
  • Flagged Incidents
  • Submission Queue
  • Classifications View
  • Taxonomies

2024 - AI Incident Database

  • Terms of use
  • Privacy Policy
  • Open twitterOpen githubOpen rssOpen facebookOpen linkedin
  • ecd56df