Security researchers expose OpenAI-linked identity surveillance system built with Persona
A detailed security research investigation published on Hacker News reveals a domain "openai-watchlistdb.withpersona.com" with 27 months of certificate transparency history, linking OpenAI's identity verification provider Persona to what researchers describe as a surveillance infrastructure used by the US government.
The findings come entirely from passive reconnaissance using public sources including Shodan, certificate transparency logs, and DNS records. Persona's CEO has committed to answering 18 questions from the researchers in writing.
View full digest for February 19, 2026