OpenAI is reportedly using an internal version of ChatGPT as part of its effort to investigate information leaks. The report, attributed to The Information and citing a person familiar with the matter, describes a system that compares published reporting about OpenAI's internal operations with material inside the company.
What the reported tool does
According to the report, OpenAI's security team uses a custom ChatGPT version when an article appears to contain information from inside the company. Staff feed the article text into the tool, which can search across internal documents as well as employees' Slack and email messages.
The purpose is not simply to summarize the article. The system reportedly looks for internal files or communication channels that contain the same information that later appeared in public reporting.
From there, it suggests possible sources by showing where the information existed internally and who had access to it. That makes the tool a way to narrow a leak investigation from a published article back toward internal documents, Slack messages, email messages or other channels.
What remains unknown
The report leaves several important details unresolved. It is unclear whether OpenAI has actually caught anyone using this method. It is also not known what, exactly, makes this ChatGPT version special beyond its access to internal company material.
That uncertainty matters because the described system could range from a targeted search assistant to a broader internal analysis tool. The source article does not provide enough detail to say how the system is governed, how often it is used, or how its suggestions are reviewed.
What is clear from the report is the basic workflow: a news article about internal operations is used as the input, and the internal AI system searches company information sources for matching material and access patterns.
The internal AI agent connection
The report also points to a possible clue about how such a system could work. OpenAI engineers recently presented the architecture of an internal AI agent that could fit this kind of use case.
That agent is designed to let employees carry out complex data analysis through natural language. It has access to institutional knowledge stored in places such as Slack messages, Google Docs and more.
If applied to leak investigations, that kind of architecture could make internal search more conversational. Instead of manually checking every likely location, a user could ask the system to compare the contents of a published article with company knowledge sources and identify overlap.
The source article does not state that this agent is definitively the same system used by the security team. It says the architecture could serve that purpose, so the connection should be treated as a possible explanation rather than a confirmed identity.
Why this matters
The report highlights a broader point about enterprise AI: the same capabilities that help employees analyze company knowledge can also be used for internal investigations. A system with access to Slack, email, Google Docs and internal documents can connect pieces of information that would otherwise require a slower manual review.
For a security team, that can make leak tracing more structured. The tool reportedly identifies where published details appeared inside the company and who could access them. That does not prove responsibility on its own, but it can create a map of where investigators may look next.
The case also shows how quickly ChatGPT-style systems can move beyond public chatbots. Inside a company, an AI assistant can become a layer across communication channels, documents and institutional knowledge. In this reported use, that layer is being applied to a sensitive internal problem: finding the path from private information to public reporting.
For now, the strongest conclusion is limited. The Information reports that OpenAI uses a custom ChatGPT version for leak investigations, with access to internal documents, Slack and email. The tool reportedly suggests possible sources by matching published information to internal locations and access records, but whether it has successfully identified anyone remains unclear.