HeadlinesBriefing.com

OpenAI and Persona Exposed in Identity Surveillance System

Hacker News

Security researchers disclosed unsecured infrastructure linking OpenAI, identity verification firm Persona, and US government agencies. A Google Cloud server with hostnames like openai-watchlistdb.withpersona.com exposed a system that files reports on users to federal authorities, including facial recognition matching against watchlists.

The server, IP 34.49.93.177, publicly served 53 megabytes of TypeScript source maps via a FedRAMP endpoint. The code revealed algorithms that screen users against 14 adverse media categories, from terrorism to espionage, and that generate Suspicious Activity Reports for FinCEN, using intelligence program codenames.

Persona, a San Francisco KYC provider, normally hides behind Cloudflare. But this dedicated OpenAI-linked infrastructure bypassed such protection. The discovery shows commercial AI firms and government immigration enforcement (ICE) collaborating on mass identity surveillance, all exposed through basic internet reconnaissance.

Researchers stress no systems were breached; all data came from public sources like Shodan and certificate transparency logs. They've directly contacted Persona's CEO, who committed to answering questions. The core findings remain, highlighting how such surveillance architecture can be accidentally exposed.