Full Report
OpenAI's AI-powered ChatGPT is down worldwide with users receiving errors when attempting to access chats, with no reasons currently given. [...]
Analysis Summary
# Incident Report: Worldwide ChatGPT Service Disruption
## Executive Summary
On December 2, 2025, OpenAI's ChatGPT service experienced a severe worldwide outage, resulting in users being unable to access chats or generate responses, with some reporting conversation history disappearance. The root cause was officially stated as "elevated errors," suggesting a major internal service failure or high-load issue rather than a targeted cyber attack. The service gradually began restoring functionality later that day.
## Incident Details
- Discovery Date: December 2, 2025 (Early reporting started around the publication time, 02:52 PM ET timeframe, with official confirmation shortly after 2:40 PM ET).
- Incident Date: December 2, 2025
- Affected Organization: OpenAI
- Sector: Artificial Intelligence / Technology Services
- Geography: Worldwide
## Timeline of Events
### Initial Access
- Date/Time: Undisclosed (Pre-2:40 PM ET, December 2, 2025)
- Vector: Undisclosed (Likely a platform failure, overload, or internal software degradation)
- Details: Users began observing widespread errors stating "something seems to have gone wrong" and "There was an error generating a response."
### Lateral Movement
- N/A (The incident appears to be localized to the service's infrastructure, not an external actor traversing the network.)
### Data Exfiltration/Impact
- Operational Impact: High—service was unavailable or severely degraded globally. Some users reported conversations disappearing, though this may have been a temporary display issue related to service unavailability.
### Detection & Response
- Detection: Initial detection via user reports aggregated by platforms like DownDetector (reporting over 30,000 users affected).
- Response Actions: OpenAI publicly confirmed awareness of the elevated errors at 2:40 PM ET and stated they were working on a fix. Service recovery began around 15:14 ET.
## Attack Methodology
Since the incident description explicitly points to internal "elevated errors" rather than a known adversary, the following sections assume infrastructure failure alignment where applicable.
- Initial Access: **Service Degradation/Overload.** Not an adversarial intrusion.
- Persistence: N/A
- Privilege Escalation: N/A
- Defense Evasion: N/A
- Credential Access: N/A
- Discovery: N/A (Internal monitoring likely flagged the high error rate.)
- Lateral Movement: N/A
- Collection: N/A
- Exfiltration: N/A
- Impact: **Denial of Service/Functional Loss** due to infrastructure failure leading to inability to process requests.
## Impact Assessment
- Financial: Estimated costs unavailable, but involved significant loss of service availability during a critical period.
- Data Breach: No evidence of data breach reported; the primary impact was service unavailability and temporary data viewing issues (disappearing conversations).
- Operational: Severe disruption to global ChatGPT functionality.
- Reputational: Negative impact due to widespread service failure without immediate root cause explanation.
## Indicators of Compromise
- Network indicators: Elevated HTTP 5xx errors observed globally.
- File indicators: N/A
- Behavioral indicators: Persistent inability to generate responses; conversations failing to load or appear missing for users.
## Response Actions
- Containment measures: OpenAI acknowledged the issue and began troubleshooting underlying infrastructure problems.
- Eradication steps: Steps taken internally by OpenAI engineers to stabilize the environment and resolve the root cause of the "elevated errors."
- Recovery actions: Gradual restoration of service beginning around 15:14 ET, though speed remained reportedly slow initially.
## Lessons Learned
- The importance of robust scalability and redundancy planning to handle traffic spikes without causing cascading service failures.
- The need for proactive, transparent communication regarding the nature of service disruptions, especially when they impact user data integrity perception (like disappearing conversations).
## Recommendations
- Implement pre-emptive load balancing and resource allocation safeguards calibrated for peak expected traffic scenarios.
- Develop and utilize a standardized incident communication template to quickly inform users about major service outages, even identifying the potential category (e.g., infrastructure vs. security incident).