Back to all posts

New ChatGPT Feature Exposes Your Emails To Hackers

2025-09-14Victor Awogbemila2 minutes read
AI Security
ChatGPT
Data Privacy

A team of researchers led by Eito Miyamura, an Artificial Intelligence specialist and Oxford University Computer Science Alumnus, has uncovered a significant security flaw in ChatGPT. The team discovered that by using relatively simple techniques, they could trick the AI model into leaking sensitive data from a user's private emails.

A Powerful New Feature Hides a Critical Flaw

The vulnerability stems from a recently added feature called the Model Context Protocol (MCP). OpenAI introduced MCP to enhance ChatGPT's capabilities, allowing it to act as a powerful personal agent by connecting to and accessing information from a user's personal applications like Gmail, Calendar, SharePoint, and Notion. While this integration offers convenience, Miyamura’s research demonstrates that an attacker only needs your email address to exploit it.

body3 chatgpt gmail details eito x hackers ai

How a Simple Calendar Invite Can Steal Your Data

Miyamura explained that once a user connects their email account to ChatGPT using MCP, the system is open to attack. A malicious actor can send a specially crafted calendar invitation to the user's email address. The critical component of this attack is a hidden "jailbreak prompt" embedded within the invitation's details.

body1 chatgpt gmail details eito x hackers ai

Crucially, the user does not even need to accept the invite for the attack to succeed. ChatGPT, in its process of scanning the connected accounts, automatically reads the new invitation. The jailbreak prompt then tricks the AI into following the attacker's instructions instead of its own safety protocols. This allows the attacker to command ChatGPT to read through the user's emails and send any sensitive information it finds back to them. Miyamura demonstrated the process in a video posted on his X account.

body2 chatgpt gmail details eito x hackers ai

The Rising Tide of AI-Powered Threats

This discovery highlights the growing potential for AI to be used for malicious purposes. Criminals are already leveraging artificial intelligence to crack complex passwords and deploy AI-powered ransomware that can automate cyberattacks with alarming speed. The scale of this problem is significant, with the ransomware industry projected to become a staggering $265 billion market by 2031. As industry leaders continue to pour resources into making their AI models more powerful, this incident serves as a stark reminder that they must also prioritize investments in robust security guardrails to mitigate the risk of abuse.

Read Original Post

More Blogs

ChatGPT Gmail Flaw Exposed Via Google Calendar Exploit
Luke James

ChatGPT Gmail Flaw Exposed Via Google Calendar Exploit

A new security vulnerability reveals how attackers can use malicious Google Calendar invites to trick ChatGPT into leaking private emails. This exploit targets the AI's integration with Google services and can be prevented by adjusting your calendar settings.

AI Security
Cybersecurity
ChatGPT
Oromummaa Extremism A Threat To Ethiopian Unity
The Habesha

Oromummaa Extremism A Threat To Ethiopian Unity

This article offers a critical analysis of extremist Oromummaa, arguing it distorts authentic Oromo heritage into a dangerous political ideology that threatens Ethiopian unity. The author explores its structural parallels with historical supremacist movements to highlight the potential dangers.

Ethiopian Politics
Oromummaa
Nationalism
Ready to Create Amazing AI Art?
Experience the power of AI image generation with our professional tools and API
Midjourney APITry Our Web App
ImaginePro newsletter

Subscribe to our newsletter!

Subscribe to our newsletter to get the latest news and designs.