Chrome, Firefox browser extensions leaked millions of users' data

Agencies
July 20, 2019

Popular browser extensions like ad blockers have been caught harvesting personal data of millions of consumers who use Chrome and Firefox -- not only their browsing histories but also exposing tax returns, medical records, credit card information and other sensitive data in the public domain.

According to an independent cyber security researcher Sam Jadali, the data has been leaked to a fee-based company called Nacho Analytics that gives unlimited access to any websites analytics data.

The data could be purchased for as little as $10 to $50, said Jadali whose report was first described in Ars Technica late on Friday.

"This non-stop flow of sensitive data over the past seven months has resulted in the publication of links to home and business surveillance videos hosted on Nest and other security services.

"Tax returns, billing invoices, business documents, and presentation slides posted to, or hosted on, Microsoft OneDrive, Intuit.com, and other online services" have been exposed, said the report.

The exposed data via eight browser extensions also include vehicle identification, numbers of recently bought automobiles, along with the names and addresses of the buyers.

Patient details, travel itineraries, Facebook Messenger attachments and Facebook photos, even private, are now available in the public domain.

Browser extensions - also known as plug-ins or add-ons - are apps that consumers can install to run alongside their browser for additional functionality.

The affected extensions were apps used by millions of people, including HoverZoom, SpeakIt!, and FairShare Unlock.

"The extensions have been remotely removed or disabled in consumers' browsers and are no longer available for download," said both Google and Firefox.

People who didn't download the extensions may also be affected.

"Nobody is immune to this. Even if you don't have any harmful extensions, the other people you interact with may have an extension on their computers that could be leaking the data you share with them," Jadali was quoted as saying.

Nacho Analytics, for example, promises to let people "see anyone's analytics account" and to provide "real-time web analytics for any website".

The company charges $49 per month, per domain, to monitor any of the top 5,000 most widely-trafficked websites.

The security expert has suggested users to delete all browser extensions they have installed in the past.

Comments

Add new comment

  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 16,2024

Mangaluru: The Kavoor police in Mangaluru, Karnataka, have arrested three individuals from Kerala in connection with two separate cybercrime cases, including one involving extortion under the guise of a "digital arrest."

City Commissioner of Police Anupam Agrawal reported that one of the arrested individuals, Nisar, a resident of Ernakulam district, posed as a CBI officer. He allegedly threatened the complainant with arrest and extorted Rs 68 lakh. A case has been filed under sections 66 (C) and 66 (D) of the IT Act, and sections 308 (2) and 381 (4) of BNS.

In another case, the Kavoor police arrested two men, Sahil K P of Thiruvannur, Kozhikode, and Muhammad Nashath of Mappila Koyilandy, Kerala, in connection with a share trade fraud. The accused are alleged to have deceived the complainant by promising substantial profits from an investment in the stock market. Trusting the fraudsters, the complainant invested Rs 90 lakh, which was subsequently lost. A case has been registered under sections 66 (C) and 66 (D) of the IT Act, and sections 318 (4) and 3 (5) of BNS.

The accused were arrested in Koyilandi and presented before the court. The operation was carried out under the guidance of City Police Commissioner Anupam Agrawal, led by Mangaluru North Sub-Division ACP Srikanth K, Kavoor Inspector Raghavendra Byndoor, Kavoor PSI Mallikarjuna Biradara, and staff members Ramanna Shetty, Bhuvaneshwari, Rajappa Kashibai, Praveen N, and Malatesh. 

Comments

Add new comment

  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 15,2024

Udupi: The Tourism Department is planning a major eco-friendly development initiative for Kamini Island, located near the Blue Flag-certified Padubidri End Point beach, aiming to attract more visitors while maintaining environmental sustainability.

Assistant Director Kumar CU emphasized that, given the island’s proximity to the Blue Flag beach, all development efforts will center around eco-friendly practices. “We are looking to enhance the Kamini River and the island’s surroundings by adding a hanging bridge, nature trails, and eco-friendly food courts offering traditional cuisine. Visitors will also be able to reach the island by pedal boats or kayaking,” he said.

The development project is estimated to cost between Rs 3 crore and Rs 4 crore. Meanwhile, the Blue Flag beach, Padubidri, continues to see a steady flow of visitors. Vijay Shetty, manager of the beach, shared that tenders for food courts and water sports have been awarded to private parties. Recently, three new coracles have been introduced, which are proving to be a hit with visitors. Additionally, three more shelters are expected to be ready by November 20.

Shetty mentioned that the beach can now accommodate between 2,500 and 3,000 visitors daily, although footfall remains lower than other district beaches due to user fees and activity restrictions. “Initially, most visitors were from Mangaluru, but now nearly 40% come from other districts, showing a shift in the visitor demographics,” Shetty noted.

To further boost tourism and promote a healthy lifestyle, a Beach Carnival is set to take place on November 23-24, featuring the National Sea Swimming Championship and a sea marathon in collaboration with the Padubidri JCI, which is celebrating its golden jubilee. Cultural events will be held at the main beach, with some sports events taking place at the Blue Flag beach. Emphasis will be placed on making all activities environmentally friendly.

Comments

Add new comment

  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 12,2024

HDKzameer.jpg

Mysuru, Nov 12: Zameer Ahmad Khan, the Tourism and Waqf minister of Karnataka, who stirred a controversy by addressing the Union Minister HD Kumaraswamy as ‘Kaala Kumaraswamy’ has tendered apologies for his remarks.

Speaking to reporters in Mysuru on Tuesday, Minister Zameer stated that he will apologise if remarks have hurt JD-S workers.

“We both are very close. Then, in a total of 24 hours, we were together for 14 hours. He used to fondly address me as “kulla” (shorty) and I used to address him as “kariyanna” (blacky, kaalia),” Minister Zameer stated.

“I am not addressing him as ‘kaalia’ for the first time. I have not said something highly derogatory. It is being made as big in the backdrop of elections. With love, he used to call me a shorty and I called him a blacky. If I had caused pain to anyone by my words I apologise,” he said.

He further stated: “Kumaraswamy had said that he didn’t want the votes of the Muslim community. But now they are attempting to purchase Muslim votes. Against this backdrop, I have made the remark.”

Minister for Home G. Parameshwara stated on Tuesday, “Minister Zameer and Kumaraswamy are close friends. Their comments against each other are not significant.”

Zameer Ahmad Khan, the Tourism and Waqf minister of Karnataka stirred a controversy on Monday as he addressed the Union Minister as ‘Kaala Kumaraswamy’.

JD-S on Tuesday demanded a public apology and resignation of Minister for Waqf and Tourism Zameer Ahmad Khan over his ‘racist’ remarks.

“Remember, there is no place here for your divisive policies. You have insulted the people by making ethnic, racist and discriminatory statements. You should apologize to the people of the state and resign,” the JD (S) demanded in the post.

Union Parliamentary Affairs and Minister for Minority Affairs Kiren Rijiju reacted sternly to the racist jibe and stated, “I strongly deplore Congress Minister Zameer Ahmed calling Union Minister and former Chief Minister of Karnataka Kumaraswamy as 'Kaalia Kumaraswamy'.

Comments

Add new comment

  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.