The research found that large language models like ChatGPT retain a considerable amount of original training data during their training process. Attackers can extract large volumes of training data from the model using specific attack methods, threatening the privacy of data owners. Researchers utilized a concept of 'extractable memory' attack techniques and discovered that existing extraction attacks can recover a significant amount of training data from memory even without using the actual training data as prompts. ⚠️ Researchers recommend that data security protective measures should be implemented while developing and using large language models.

Teams from Google DeepMind, the University of Washington, and others have successfully unveiled the sources of ChatGPT's training data through a 'poetry attack'. This attack method involves repeating specific vocabulary, which led ChatGPT to disclose personal information, including phone numbers and email addresses. The vulnerability was reported to OpenAI on August 30, and no further comments have been made. The research calls for environmentally-friendly AI usage, pointing out the significant energy burden that text and image generation imposes on the environment.