A cybersecurity researcher, Sam Jidali, has discovered a massive data leak caused by 8 different Chrome and Firefox browser extensions.
These addons have leaked data from 45 major companies and over 4 million individuals to a fee-based service called “Nacho Analytics.” The Chrome and Firefox browser extensions responsible for the data leak have been termed “DataSpii” by Jidali and his team.
These addons collected and distributed users’ browsing data—URLs that revealed private information about users and a long list of companies such as Apple, Walmart, Amazon, 23AndMe, SpaceX, Skype, etc.
Such data collection, which wasn’t authorized by the browser, also included sensitive information such as medical records and credit card information.
DataSpii also collects tax returns, GPS locations, cloud services and data, file attachments, credit card information, genetic profiles, and online shopping history.
According to Jidali’s report, the corporate data collected by the browser extensions are sensitive. It includes the real-time activity of employees, private LAN network structure, partial page content including hyperlinks embedded on a LAN website, API keys, proprietary source code, firewall access codes, and zero-day vulnerabilities as well.
The companies affected by DataSpii belong to many Fortune 500 corporations. While Chrome and Firefox users are the primary users affected by these browsers, other Chromium-based browsers such as Opera are also affected.
The browser extensions that stole users’ data are:
The data leaking browser extensions have now been removed from or disabled in users’ browsers by Google and Mozilla. Moreover, they are no longer available for download.
Just in case they are still present in your browser, you can get rid of them manually. Refer to the following article to check which extensions you have installed in your browser and how to disable/remove them.