Home / Technology / AI Chat Extensions Steal Your Full Conversations!
AI Chat Extensions Steal Your Full Conversations!
17 Dec
Summary
- Eight browser extensions are secretly recording AI conversations.
- These extensions collect prompts, AI responses, and timestamps.
- Data is sold for marketing, impacting millions of users.
A serious data privacy breach has been uncovered involving eight popular browser extensions, collectively installed over 8 million times. These extensions, available on Google Chrome and Microsoft Edge stores, are secretly harvesting the entirety of users' AI conversations, including prompts and responses, despite advertising features like VPN and ad blocking with privacy assurances.
The security firm Koi discovered that these extensions utilize 'executor' scripts to intercept all communication with AI platforms like ChatGPT, Claude, and Gemini. This data capture occurs regardless of whether other features are enabled, meaning conversations are continuously collected and sent to the extension makers for marketing analytics.
Urban Cyber Security, the developer behind these extensions, claims to share this raw data with an affiliated company, BiScience, for commercial use. This practice raises significant concerns, especially since both Google and Microsoft have endorsed several of these extensions, leaving users exposed to unprecedented privacy risks.
