OpenAI said hackers had breached employee devices and stolen a small number of internal code base credentials in a recent round of supply chain attacks, but the company stressed that user data, production systems and core intellectual property had not been compromised. Earlier this week, hackers hijacked several open source projects widely adopted by dozens of companies and pushed updates carrying malicious code into them, attempting to spread malware through the software supply chain. This is the latest in a series of recent "supply chain attacks" targeting software developers and their projects.

OpenAI confirmed on Wednesday that the devices of two of its employees had been affected by the attack, but said in a blog post that a subsequent investigation found no evidence that OpenAI's user data had been accessed, that its production systems or intellectual property had been compromised, or that the company's software had been tampered with.

OpenAI said the two employees' devices were compromised as a result of a previous attack on TanStack, a widely used set of open source libraries that help developers build web applications.

On Monday, TanStack publicly disclosed the attack and released a post-mortem analysis report, saying that hackers released 84 malicious versions of the software in just 6 minutes, and a researcher discovered an anomaly about 20 minutes after the attack began.

According to reports, these malicious versions were embedded with malware that steals credentials from the environment it is installed in and can spread itself to further systems.
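The TanStack disclosure above describes a telltale pattern: dozens of versions published within minutes, far from any normal release cadence. The following is an added example (not code from OpenAI, TanStack or the original article) of a simple release-burst check a defender can run over a package's publish timeline; the package name, timestamps and the threshold of more than three versions in ten minutes are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed publish timeline for a fictional package (not real registry data):
# a normal monthly cadence, then six versions pushed within about four minutes.
SAMPLE_PUBLISHES = [
    ("1.4.0", "2025-06-01T10:00:00"),
    ("1.4.1", "2025-06-15T11:30:00"),
    ("1.5.0", "2025-07-02T09:15:00"),
    ("1.5.1", "2025-07-20T14:00:00"),
    ("1.5.2", "2025-07-20T14:01:00"),
    ("1.5.3", "2025-07-20T14:01:40"),
    ("1.5.4", "2025-07-20T14:02:30"),
    ("1.5.5", "2025-07-20T14:03:10"),
    ("1.5.6", "2025-07-20T14:04:00"),
    ("1.6.0", "2025-08-05T16:45:00"),
]


def find_release_bursts(publishes, max_versions=3, window=timedelta(minutes=10)):
    """Flag windows in which more than `max_versions` versions were published.

    `publishes` is an iterable of (version, ISO-8601 timestamp) pairs in any
    order. Returns a list of (first_version, last_version, count) tuples; each
    burst is reported once, anchored at the earliest publish in its window.
    The threshold values are assumptions, not figures from the incident.
    """
    events = sorted((datetime.fromisoformat(ts), v) for v, ts in publishes)
    bursts = []
    i = 0
    while i < len(events):
        # Extend j to the last event still inside `window` of event i.
        j = i
        while j + 1 < len(events) and events[j + 1][0] - events[i][0] <= window:
            j += 1
        count = j - i + 1
        if count > max_versions:
            bursts.append((events[i][1], events[j][1], count))
            i = j + 1  # skip past this burst so it is not reported twice
        else:
            i += 1
    return bursts


if __name__ == "__main__":
    for first, last, count in find_release_bursts(SAMPLE_PUBLISHES):
        print(f"burst: {count} versions from {first} to {last}")
```

A hit from this check is a reason to hold an upgrade and verify the publisher, not proof of compromise; lockfile pinning keeps a burst from reaching builds automatically in the meantime.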

OpenAI said that within the company's internal code base, it "discovered unauthorized access and stolen credentials in a small portion of internal source code repositories accessible to affected employees."

According to the artificial intelligence company, only a "limited amount of credential material" was stolen from the affected code repositories.

Because these repositories contain the digital certificates used to sign OpenAI products, the company has decided, out of an abundance of caution, to rotate the certificates; as a result, macOS users will need to update their applications.

OpenAI said it has found "no evidence that existing software installations have been compromised or put at risk."

It is unclear who orchestrated the attack on TanStack.

A number of supply chain attacks have previously been attributed to a hacking group called TeamPCP, which has also been targeted by other hackers in the past.

At the same time, other groups have used similar techniques to compromise different projects. In March this year, for example, North Korean hackers hijacked the widely used open source development tool Axios and pushed malware through the project to potentially millions of developers. In another attack in May, Chinese hackers were accused of using a similar method to implant a backdoor into the disc imaging software Daemon Tools, targeting thousands of Windows computers running the software.

What these attacks have in common is that the attacker does not target a company directly, but first seizes control of an open source project and then distributes malicious code in the form of seemingly routine version updates.

This tactic gives attackers the opportunity to hit dozens of targets at once with a single attack, spreading risk and damage widely across the Internet.