May 14 (Reuters) - OpenAI ⁠said on Wednesday it found ⁠no evidence that its user data ‌was accessed after a security issue involving a supply-chain attack on TanStack npm, an open-source library.

Here ​are some details:

• The ChatGPT-maker ⁠said it found ⁠no evidence that its production systems or ⁠intellectual property ‌were compromised, or that their software was altered

• OpenAI said ⁠two employee devices in its corporate ​environment were ‌impacted after TanStack, a widely used ⁠open-source library, ​got compromised earlier this week

• Limited credential material was exfiltrated from these code ⁠repositories and no other information ​or code was impacted,OpenAI said

• The AI firm said that it isolated the impacted ⁠systems immediately after the attack and temporarily restricted code-deployment workflows, to contain impact

• OpenAI said it is rotating code-signing ​certificates, which would require ⁠macOS users to update their applications

• OpenAI ​did not immediately respond ‌to a Reuters request for ​further details

(Reporting by Gnaneshwar Rajan in Bengaluru; Editing by Mrigank Dhaniwala)