If you are aware of an incident with one of your vendors, report the incident so CORL can investigate.
- Navigate to Incidents > Report Incident.
- Specify the Title. Tip: Specify something that is meaningful. For example, March 24 ChatGPT Personal Data Leak.
- Provide a Description of the incident. For example, A bug found in ChatGPT's open-source library caused the chatbot to leak the personal data of customers, which included some credit card information and the titles of some chats they initiated. “In the hours before we took ChatGPT offline,” OpenAI said after the incident, “it was possible for some users to see another active user’s first and last name, email address, payment address, the last four digits (only) of a credit card number, and credit card expiration date. Full credit card numbers were not exposed at any time.”
- Provide a Reference, preferably a website with more information that CORL can use to investigate the incident. For example, ChatGPT Data Breach Confirmed.
- Click Submit. A confirmation message displays.
View Reported Incidents
Note this functionality is currently only available for clients who subscribe to TPIR (third-party incident response).
You can view a list of incidents you report.
- Navigate to Incidents > Reported Incidents.
- You can view:
- Date-Time: Indicates the date and time the incident was submitted.
- Full Name: Indicates the name of the person submitting the incident.
- Title: Indicates the title of the incident.
- Description: Indicates the description of the incident.
- Reference: Indicates the URL providing more information about the incident.