Some internet browser extensions are spying on every click and selling that data, including corporate secrets, according to a Washington Post investigation.
As many as 4 million people were leaking personal and corporate data through Chrome and Firefox, and researchers say that’s just a fraction of the problem.
Browser extensions, also called add-ons or plug-ins, are programs used to make Web-surfing better or easier, such as finding coupons or remembering passwords.
Independent security researcher Sam Jadali and Washington Post technology columnist Geoffrey Fowler uncovered six suspicious browser extensions that were tracking and selling every click of data.
Three examples of the information Jadali found include:
Additionally, employees from more than 50 major corporations were exposing what they were working on (including top-secret stuff) in the titles of memos and project reports. Also discovered, information about internal corporate networks and firewall codes.
North Carolina State University researchers recently tested how many of the 180,000 available Chrome extensions leak privacy-sensitive data. They found 3,800 such extensions selling data. The 10 most popular alone have more than 60 million users, according to the Post.
Many people install the add-ons with the assumption that any software offered in a store run by Chrome or Firefox is legitimate.
The six browser extensions, Hover Zoom, SpeakIt!, SuperZoom, SaveFrom.net Helper, FairShare Unlock, and PanelMeasurement, have since been shut down by Google and Mozilla. If you had any of them installed, they should no longer work.
Read the full story at washingtonpost.com.
Chivaroli and Associates Insurance Services is a full-service brokerage firm specializing in the custom-design and placement of insurance and alternative risk funding solutions for your healthcare organization.