Thousands of Private ChatGPT Conversations Accidentally Indexed by Google
Personal and sensitive user chats shared via OpenAI’s discoverability feature became publicly searchable online before the feature was removed.
OpenAI has disabled an opt‑in feature in ChatGPT that permitted public sharing of conversations via a toggle labelled “Make this chat discoverable”, after reports revealed that thousands of shared chats were indexed by search engines such as Google and Bing.
During the experiment, users who clicked “Share” and then ticked the discoverability box generated public links under chatgpt.com/share.
These URLs were crawled by search engines and became searchable via simple queries such as `site:chatgpt.com/share`.
Fast Company identified over 4,500 public chat links indexed by Google, some containing personal or sensitive information including names, locations, resumes, mental‑health disclosures, and workplace discussions.
While none included explicit user identifiers, content in many cases revealed identifiable details.
OpenAI’s Chief Information Security Officer, Dane Stuckey, described the feature as a “short‑lived experiment” and acknowledged that it “introduced too many opportunities for folks to accidentally share things they didn’t intend to”.
The company confirmed the discoverability setting has been removed across all user accounts and that work is underway with Google and other search providers to scrub already indexed links, with plans to complete the process by the following morning ﹘ August 1–2, 2025.
Despite multiple confirmation steps during sharing—and anonymisation of chat histories—many users appeared unaware that ticking the discoverability box would expose their conversations to global search indexing.
OpenAI acknowledged that the language and presentation of the feature may have been insufficiently clear.
The visibility of sensitive content ranging from personal trauma, job applications and health queries to proprietary code and workplace issues prompted criticism from security analysts, who noted the incident highlighted broader challenges in designing privacy safeguards and user‑interface clarity within AI tools.
OpenAI emphasised that the incident did not stem from a data breach, but from an optional, user‑activated feature.
The company also confirmed that deleting a conversation or link within ChatGPT did not automatically remove it from search engine indexes until those engines recrawler removed cached entries.
Separately, reports noted that Meta’s AI app continues to permit shared conversations to be publicly indexed via Google.
In response to coverage of OpenAI’s incident, Meta has introduced clearer warnings around visibility, though its discoverability-enabled “Discover” feed remains subject to search‑engine indexing.
During the experiment, users who clicked “Share” and then ticked the discoverability box generated public links under chatgpt.com/share.
These URLs were crawled by search engines and became searchable via simple queries such as `site:chatgpt.com/share`.
Fast Company identified over 4,500 public chat links indexed by Google, some containing personal or sensitive information including names, locations, resumes, mental‑health disclosures, and workplace discussions.
While none included explicit user identifiers, content in many cases revealed identifiable details.
OpenAI’s Chief Information Security Officer, Dane Stuckey, described the feature as a “short‑lived experiment” and acknowledged that it “introduced too many opportunities for folks to accidentally share things they didn’t intend to”.
The company confirmed the discoverability setting has been removed across all user accounts and that work is underway with Google and other search providers to scrub already indexed links, with plans to complete the process by the following morning ﹘ August 1–2, 2025.
Despite multiple confirmation steps during sharing—and anonymisation of chat histories—many users appeared unaware that ticking the discoverability box would expose their conversations to global search indexing.
OpenAI acknowledged that the language and presentation of the feature may have been insufficiently clear.
The visibility of sensitive content ranging from personal trauma, job applications and health queries to proprietary code and workplace issues prompted criticism from security analysts, who noted the incident highlighted broader challenges in designing privacy safeguards and user‑interface clarity within AI tools.
OpenAI emphasised that the incident did not stem from a data breach, but from an optional, user‑activated feature.
The company also confirmed that deleting a conversation or link within ChatGPT did not automatically remove it from search engine indexes until those engines recrawler removed cached entries.
Separately, reports noted that Meta’s AI app continues to permit shared conversations to be publicly indexed via Google.
In response to coverage of OpenAI’s incident, Meta has introduced clearer warnings around visibility, though its discoverability-enabled “Discover” feed remains subject to search‑engine indexing.
Translation:
Translated by AI
