Teen Hacker Exploits ChatGPT to Steal Millions from Japanese Internet Cafe

Teen Turns ChatGPT Into Cybercrime Tool

In a startling case that exposes the dark potential of generative AI, Japanese authorities have arrested a high school student for orchestrating one of the country's largest data breaches using artificial intelligence.

The Digital Heist

The 17-year-old suspect, described as a programming enthusiast with competition experience, allegedly used ChatGPT to develop scripts that compromised Kaikatsu Club's systems last January. By framing his requests as "security testing," he tricked the AI into helping him:

  • Craft forged API commands that bypassed authentication
  • Develop automated scraping tools to extract databases
  • Temporarily disable parts of the cafe chain's network

The attack netted names, addresses, phone numbers and membership details for nearly three-quarters of Japan's population - all from someone who couldn't legally buy cigarettes.

Pokémon Card Connection

Police say the teen initially sought credit card information to fuel an online shopping spree for rare Pokémon cards. While he claimed academic curiosity during interrogation, investigators found clear evidence of criminal intent.

"This wasn't ethical hacking," noted Osaka cybercrime investigator Kenji Watanabe. "No responsible researcher would exfiltrate millions of records without authorization."

AI's Dangerous Double Edge

The case has cybersecurity experts sounding alarms:

Lowered Barriers: Skills that took years to master can now be approximated through clever AI prompting within hours.

Guardrail Gaming: Current content filters prove woefully inadequate against determined "prompt engineers" reframing harmful requests.

Hybrid Threats: Even filtered AI output provides dangerous starting points that humans can refine into working exploits.

"We're seeing the democratization of cybercrime," warned Ritsumeikan University professor Aiko Tanaka. "Soon, technical skill won't be prerequisite for causing serious harm."

The incident joins growing global reports of AI-assisted phishing campaigns, ransomware development and deepfake scams since early 2025.

Key Points:

  • 7.25 million records stolen from Japan's largest internet cafe chain
  • Teenager bypassed ChatGPT safeguards by disguising malicious code requests
  • Highlights growing trend of criminals weaponizing generative AI tools
  • Experts call for better auditing of AI-generated code and stricter API protections

Related Articles

News

YouTube Reigns Supreme in South Korea as ChatGPT Makes Stunning Gains

January 9, 2026
YouTubeChatGPTdigital trends
News

ChatGPT Loses Ground as Gemini Gains Momentum in AI Assistant Race

January 8, 2026
AI AssistantsChatGPTGoogle Gemini
News

Nearly a Million Chrome Users Hit by Sneaky AI Chat Thieves

January 8, 2026
Chrome SecurityAI PrivacyData Breach
News

ChatGPT Steps Into Healthcare as Ant Group's AI Doctor Hits 30 Million Users

January 8, 2026
AIHealthcareDigitalWellnessChatGPT
News

ChatGPT Now Fields 40 Million Health Questions Daily

January 7, 2026
AIHealthcareChatGPTMedicalTechnology
News

ChatGPT Emerges as America's Unexpected Medical Advisor

January 6, 2026
AI in HealthcareChatGPTMedical Technology