OpenAI unveils Lockdown Mode to protect sensitive data from prompt injection attacks

2026-06-06 · Source: AI News & Artificial Intelligence | TechCrunch · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy · Depth: Fundamental Awareness, quick

Summary

OpenAI has introduced "Lockdown Mode," a new feature designed to enhance protection against prompt injection attacks, which involve malicious chatbot instructions embedded in web content. This mode disables several functionalities, including live web browsing, web image retrieval and display, deep research capabilities, and agent mode, restricting access to cached content only. While intended to reduce the risk of sensitive data exfiltration, OpenAI acknowledges that ChatGPT may still be vulnerable to prompt injections originating from cached web content or uploaded files. "Lockdown Mode" is specifically targeted at individuals and organizations managing sensitive data who require stricter safeguards, and it is currently being deployed to self-serve ChatGPT Business accounts and eligible personal accounts.

Key takeaway

For AI Security Engineers managing sensitive data, implementing OpenAI's new Lockdown Mode is a critical step to mitigate prompt injection risks. While it disables web browsing and agent modes, understand that vulnerabilities from cached content or uploaded files persist. You should deploy this feature for high-risk accounts, but also maintain vigilance and consider additional content scanning to prevent data exfiltration.

Key insights

OpenAI's Lockdown Mode offers enhanced, but not absolute, protection against prompt injection for sensitive data handlers by disabling certain features.

Principles

• Prompt injection remains a persistent threat.
• Layered security reduces data exfiltration risk.
• Security features may limit functionality.

In practice

• Use Lockdown Mode for sensitive data.
• Restrict web access to mitigate prompt injection.
• Be aware of residual prompt injection risks.

Topics

• OpenAI
• Lockdown Mode
• Prompt Injection
• Data Exfiltration
• ChatGPT Business
• AI Security

Best for: CTO, VP of Engineering/Data, Executive, AI Security Engineer, Director of AI/ML, MLOps Engineer

Related on AIssential

• Introducing Lockdown Mode and Elevated Risk labels in ChatGPT — New OpenAI features enhance security against prompt injection by restricting external interactions and labeling risky capabilities.
• OpenAI Help: Lockdown Mode — OpenAI's Lockdown Mode prevents data exfiltration from prompt injections by limiting outbound network requests, mitigating a key "Lethal Trifecta" risk.
• Introducing the OpenAI Safety Bug Bounty program — OpenAI's new bug bounty targets AI-specific abuse and safety risks beyond traditional security vulnerabilities.
• Securing Azure AI Applications: Against Prompt Injection | Part - 2 — Prompt injection is an inherent LLM vulnerability requiring defense-in-depth across all application layers, treating all input as untrusted.
• Prompt-inject ChatGPT with any web page — Chatbots inherently struggle to differentiate instructions from data, making prompt injection an unfixable security vulnerability.
• GPT-5.4-Cyber: Why OpenAI is Keeping its Most Powerful Model Under Lock and Key — OpenAI's GPT-5.4-Cyber offers advanced cybersecurity capabilities with restricted access to verified defenders.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by AI News & Artificial Intelligence | TechCrunch.