The initial communication about this information leak was rough, with a "we feel awful about this" variation on taking security seriously and creeping towards a blame-the-intern approach by shifting the blame to an open source library.
This blog post makes up for that -- although I'd still quibble with the framing of "outage" as opposed to a clearer indication of account information leak. They go into details of the scope of who may have been affected, what was disclosed, what the underlying problem was, and how it was addressed. That kind of transparency is what we like to see in these kinds of write-ups.
The underlying problem was a race condition in redis-py, whose fix seems pretty easy to understand in hindsight. They used Python's "asyncio.shield()" function to protect the request/response queue from being corrupted by a cancelled request. Also nice to see tests added with this commit.
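To make the race concrete, here is a small simulation added for illustration; it is not code from redis-py or OpenAI. `FakeConnection`, `demo`, `run_demo` and the 10 ms reply delay are all constructed, and the model is reduced to one shared connection whose replies are matched to requests purely by order.

```python
import asyncio

class FakeConnection:
    """Constructed stand-in for one pooled connection; replies arrive in FIFO order."""

    def __init__(self):
        self._replies = asyncio.Queue()
        self._inflight = set()  # strong references to shielded round trips

    async def _roundtrip(self, key):
        # "Send": the simulated server queues its reply on this connection 10 ms later.
        loop = asyncio.get_running_loop()
        loop.call_later(0.01, self._replies.put_nowait, f"value-for-{key}")
        # "Read": whatever reply is next on the connection is taken as ours.
        return await self._replies.get()

    async def execute(self, key, shielded):
        if not shielded:
            # Cancellation lands between send and read; the reply stays queued.
            return await self._roundtrip(key)
        # shield() lets the round trip finish and consume its own reply even if
        # the caller is cancelled while waiting.
        task = asyncio.ensure_future(self._roundtrip(key))
        self._inflight.add(task)
        task.add_done_callback(self._inflight.discard)
        return await asyncio.shield(task)


async def demo(shielded):
    conn = FakeConnection()
    user_a = asyncio.create_task(conn.execute("user-A", shielded))
    await asyncio.sleep(0)      # user A's command is sent (or about to be)
    user_a.cancel()             # user A's request is cancelled mid-flight
    await asyncio.sleep(0.05)   # connection is idle again; A's reply has arrived
    return await conn.execute("user-B", shielded)  # user B reuses the connection


def run_demo(shielded):
    return asyncio.run(demo(shielded))


if __name__ == "__main__":
    print("unshielded:", run_demo(False))  # user B receives user A's data
    print("shielded:  ", run_demo(True))   # user B receives its own data
```

A regression test for this bug class has the same shape: cancel a request in flight, reuse the connection, and assert that the next caller only ever sees its own reply.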
It also looks like OpenAI dealt with another caching issue that could lead to an account takeover. Bug bounty researcher @naglinagli describes the flaw in that thread, which includes some links to "Web Cache Deception Attacks" (also this pdf).