OpenAI unveils Lockdown Mode to protect sensitive data from prompt injection attacks

Why This Matters

Lockdown Mode addresses critical enterprise security concerns around AI data protection and prompt injection vulnerabilities.

OpenAI announced Lockdown Mode, a new security feature designed to protect against prompt injection attacks, in which malicious instructions are hidden in web content. The mode disables live web browsing, image retrieval, deep research, and agent functionality to reduce data exfiltration risks.

OpenAI introduced Lockdown Mode to provide additional protection from prompt injection attacks, in which malicious chatbot instructions are embedded in webpages and other content sources. The feature disables live web browsing (allowing access to cached content only), web image retrieval and display, deep research capabilities, and agent mode functionality. OpenAI acknowledges that ChatGPT remains vulnerable to prompt injections even with Lockdown Mode enabled, because attacks could still appear in cached web content or uploaded files. The company states that the feature is not intended for general use but is designed specifically for people and organizations that handle sensitive data and require stricter protection from data exfiltration risks. Lockdown Mode is currently being rolled out to self-serve ChatGPT Business accounts and eligible personal accounts.

Source

techcrunch.com