ChatGPT's Lockdown mode limits data theft but restricts live web access

Prompt injection is a significant security threat: by feeding malicious commands into prompts, an attacker can infiltrate chats, access external files and services, and steal personal data. Lockdown mode in ChatGPT aims to prevent that kind of data theft by limiting what the model can do and where it can reach.

First rolled out in February to subscribers of ChatGPT for Enterprise, Edu, Healthcare and Teachers, Lockdown mode is now available to all plans, including Free, Go, Plus, Pro and Business. The option is intended for people and organizations that work with sensitive information and need extra protection.

To combat prompt-injection attacks, Lockdown mode restricts outbound network requests to the internet and external file services so live sensitive information can’t be exposed. It does not stop every kind of attack: hackers can still exploit cached web content or uploaded files.

chatgpt, lockdown mode, prompt injection, data theft, outbound requests, external files, cached content, uploaded files, sensitive information, chatgpt plans