
OpenAI rolls out 'Lockdown Mode' for ChatGPT to block sensitive data leaks

From Daily Star · English

Translated from English, summarized and contextualized by DistantNews.

At a glance

  • OpenAI has introduced a new security feature called Lockdown Mode for ChatGPT to mitigate risks from prompt injection attacks.
  • The feature disables web browsing, internet image access, and deep research tools, but does not entirely eliminate prompt injection vulnerabilities.
  • Lockdown Mode is rolling out to eligible business and personal users, requiring activation through security settings.

OpenAI is bolstering ChatGPT's defenses with a new Lockdown Mode, aiming to shield users and organizations handling sensitive data from prompt injection attacks. These attacks embed malicious instructions in external content, potentially leading to data exfiltration.

When activated, Lockdown Mode significantly restricts ChatGPT's capabilities. It disables live web browsing, the ability to access internet-sourced images, and advanced features like deep research tools and agent functionality. While users can still generate images, the model will rely on cached web content instead of real-time browsing.

Despite these measures, OpenAI cautions that Lockdown Mode is not a foolproof solution. The company explained that the feature primarily aims to prevent the final stage of data exfiltration by limiting outbound network requests. However, prompt injections can still appear within cached web content or uploaded files, potentially influencing the chatbot's responses or accuracy.

The new security feature is being made available to self-serve ChatGPT Business accounts and certain personal users. Activation is managed through the Advanced security settings within the user's account. OpenAI also noted that Lockdown Mode cannot be used concurrently with Developer Mode, as enabling one automatically deactivates the other.

Lockdown Mode is designed to help prevent the final stage of data exfiltration from a prompt injection attack by limiting outbound network requests that could transfer sensitive data to an attacker. Lockdown Mode does not prevent prompt injections from appearing in the content ChatGPT processes. For example, a prompt injection could appear in cached web content or in an uploaded file, and could still affect the behavior or accuracy of a response.

— OpenAI
OpenAI's explanation of the limitations and functionality of Lockdown Mode.
DistantNews Editorial

Originally published by Daily Star in English. Translated, summarized, and contextualized by our editorial team with added local perspective.