AI Chatbot Data Breach: Millions Compromised by Malicious Browser Extensions
December 19, 2025, 9:49 pm
A widespread data breach impacted over eight million AI chatbot users. Browser extensions, including Urban VPN Proxy, secretly harvested and sold sensitive conversations. Users of ChatGPT, Claude, Gemini, and other AI platforms had personal data, passwords, API keys, and confidential business information exposed. These extensions embedded covert scripts, intercepting all AI interactions before display. Captured data was packaged and sold through data brokers for marketing analysis. The malicious software operated even when main features were inactive. Major browser stores, Google and Mozilla, have since removed the implicated extensions. Users must urgently uninstall these tools, change all compromised passwords, and revoke API keys to mitigate further risk. The incident highlights critical privacy vulnerabilities within digital tools.
Millions of AI chatbot users face a grave privacy threat. A massive data breach recently unfolded. Popular browser extensions secretly harvested sensitive conversations. Personal details, business strategies, and private thoughts are now exposed. Over eight million individuals are affected. Their interactions with leading AI platforms were compromised. This incident raises serious concerns about digital privacy and browser extension security.
Cybersecurity firm Koi uncovered the scheme. Urban VPN Proxy led the list of malicious extensions. Seven related browser tools also participated. These extensions promised online safety. Instead, they betrayed user trust. They became sophisticated data siphons. The findings revealed a widespread, covert data harvesting operation.
The method was aggressive. Extensions injected specific scripts into AI chatbot pages. These scripts were custom-made for each platform. They bypassed standard browser functions. `fetch()` and `XMLHttpRequest` calls were hijacked. This gave extensions a direct view. They saw all API traffic. User queries and AI responses were captured. This happened before data even appeared on screen. The collected information was compressed. It then traveled to the developer's servers. This operation occurred invisibly to users. It even functioned when VPN features were dormant. Data collection was hardcoded. Disabling it was impossible without full uninstallation. This deep technical infiltration bypassed standard security measures.
AI conversations are highly sensitive. People share deeply personal information. Medical questions, financial plans, legal dilemmas are common. Confidential code and strategic business plans are also discussed. Unlike typical messenger chats, AI dialogues offer rich, detailed insights. This makes them extremely valuable. The extensions collected everything. Every query, every AI response. Timestamps and session identifiers were logged. The specific AI model used was also noted. Ten major AI platforms were targeted. This list includes ChatGPT, Claude, Gemini, Microsoft Copilot, Perplexity, DeepSeek, Grok, and Meta AI. No AI chatbot interaction was safe.
The stolen data found a market. It was sold through data broker Datastreams.io. Each record fetched a small price. But the sheer volume made it lucrative. Advertising platforms were primary buyers. User behavior analytics firms also purchased access. The network traced back to Urban Cyber Security Inc. This entity links to BiScience, an Israeli data broker. BiScience is known for tools like AdClarity. It sells behavioral data to various industries. The data trade fuels targeted advertising and user profiling.
Google and Mozilla acted swiftly. They removed all implicated extensions. This action came after Koi's investigation. A glaring issue emerged. Urban VPN Proxy once held "Featured" status. This is a mark of quality in Chrome Web Store. It suggests Google's prior manual review. Yet, the extension was actively monitoring Google's own AI product, Gemini. This highlights significant oversight in extension vetting. Microsoft also stated plans for new Edge security features. These aim to protect users from malicious extensions. They would allow local testing before publication. Browser vendors must enhance their review processes for digital privacy.
More than eight million users were impacted. Urban VPN Proxy alone accounted for millions. Six million on Chrome, 1.3 million on Edge. Other compromised extensions include 1ClickVPN Proxy. Urban Browser Guard and Urban Ad Blocker were also implicated. The data collection began in July with version 5.5.0. This update installed automatically for existing users. Many users were unknowingly exposed for months. The scale of this AI data breach is alarming.
Some extensions presented conflicting information. Urban VPN Proxy in Chrome Web Store claimed "AI protection." It promised to check for personal data in requests. It also vowed to scan AI responses for suspicious links. Yet, its core function was covert data harvesting. Google's privacy policy language added to the confusion. It stated developers would not share user data. This was restricted to approved scenarios. It specifically excluded uses unrelated to core product functionality. However, the extensions explicitly collected location, browsing history, and website content. This contradicted their stated privacy commitments. User trust was actively undermined.
Users must act now. Delete any installed malicious extensions immediately. Check all browser extensions. If Urban VPN Proxy, 1ClickVPN Proxy, Urban Browser Guard, or Urban Ad Blocker were installed, remove them. Changing all passwords is vital. This applies to email, banking, social media, and any service used with AI chatbots. Revoke any API keys exposed through chatbot interactions. Companies using AI chatbots for development or business must be especially vigilant. This is a critical step for personal data protection.
This incident erodes trust. Trust in free software. Trust in browser extensions. Trust in digital marketplaces. Users assume security when downloading "featured" tools. This breach proves otherwise. It underscores the urgent need for enhanced security vetting. Developers must prioritize user privacy. Browser vendors must implement stricter review processes. Users must remain vigilant. Exercise caution with any third-party software. Especially those handling sensitive information. The digital landscape demands constant vigilance. Protecting personal data is a shared responsibility.
Millions of AI chatbot users face a grave privacy threat. A massive data breach recently unfolded. Popular browser extensions secretly harvested sensitive conversations. Personal details, business strategies, and private thoughts are now exposed. Over eight million individuals are affected. Their interactions with leading AI platforms were compromised. This incident raises serious concerns about digital privacy and browser extension security.
Cybersecurity firm Koi uncovered the scheme. Urban VPN Proxy led the list of malicious extensions. Seven related browser tools also participated. These extensions promised online safety. Instead, they betrayed user trust. They became sophisticated data siphons. The findings revealed a widespread, covert data harvesting operation.
The method was aggressive. Extensions injected specific scripts into AI chatbot pages. These scripts were custom-made for each platform. They bypassed standard browser functions. `fetch()` and `XMLHttpRequest` calls were hijacked. This gave extensions a direct view. They saw all API traffic. User queries and AI responses were captured. This happened before data even appeared on screen. The collected information was compressed. It then traveled to the developer's servers. This operation occurred invisibly to users. It even functioned when VPN features were dormant. Data collection was hardcoded. Disabling it was impossible without full uninstallation. This deep technical infiltration bypassed standard security measures.
AI conversations are highly sensitive. People share deeply personal information. Medical questions, financial plans, legal dilemmas are common. Confidential code and strategic business plans are also discussed. Unlike typical messenger chats, AI dialogues offer rich, detailed insights. This makes them extremely valuable. The extensions collected everything. Every query, every AI response. Timestamps and session identifiers were logged. The specific AI model used was also noted. Ten major AI platforms were targeted. This list includes ChatGPT, Claude, Gemini, Microsoft Copilot, Perplexity, DeepSeek, Grok, and Meta AI. No AI chatbot interaction was safe.
The stolen data found a market. It was sold through data broker Datastreams.io. Each record fetched a small price. But the sheer volume made it lucrative. Advertising platforms were primary buyers. User behavior analytics firms also purchased access. The network traced back to Urban Cyber Security Inc. This entity links to BiScience, an Israeli data broker. BiScience is known for tools like AdClarity. It sells behavioral data to various industries. The data trade fuels targeted advertising and user profiling.
Google and Mozilla acted swiftly. They removed all implicated extensions. This action came after Koi's investigation. A glaring issue emerged. Urban VPN Proxy once held "Featured" status. This is a mark of quality in Chrome Web Store. It suggests Google's prior manual review. Yet, the extension was actively monitoring Google's own AI product, Gemini. This highlights significant oversight in extension vetting. Microsoft also stated plans for new Edge security features. These aim to protect users from malicious extensions. They would allow local testing before publication. Browser vendors must enhance their review processes for digital privacy.
More than eight million users were impacted. Urban VPN Proxy alone accounted for millions. Six million on Chrome, 1.3 million on Edge. Other compromised extensions include 1ClickVPN Proxy. Urban Browser Guard and Urban Ad Blocker were also implicated. The data collection began in July with version 5.5.0. This update installed automatically for existing users. Many users were unknowingly exposed for months. The scale of this AI data breach is alarming.
Some extensions presented conflicting information. Urban VPN Proxy in Chrome Web Store claimed "AI protection." It promised to check for personal data in requests. It also vowed to scan AI responses for suspicious links. Yet, its core function was covert data harvesting. Google's privacy policy language added to the confusion. It stated developers would not share user data. This was restricted to approved scenarios. It specifically excluded uses unrelated to core product functionality. However, the extensions explicitly collected location, browsing history, and website content. This contradicted their stated privacy commitments. User trust was actively undermined.
Users must act now. Delete any installed malicious extensions immediately. Check all browser extensions. If Urban VPN Proxy, 1ClickVPN Proxy, Urban Browser Guard, or Urban Ad Blocker were installed, remove them. Changing all passwords is vital. This applies to email, banking, social media, and any service used with AI chatbots. Revoke any API keys exposed through chatbot interactions. Companies using AI chatbots for development or business must be especially vigilant. This is a critical step for personal data protection.
This incident erodes trust. Trust in free software. Trust in browser extensions. Trust in digital marketplaces. Users assume security when downloading "featured" tools. This breach proves otherwise. It underscores the urgent need for enhanced security vetting. Developers must prioritize user privacy. Browser vendors must implement stricter review processes. Users must remain vigilant. Exercise caution with any third-party software. Especially those handling sensitive information. The digital landscape demands constant vigilance. Protecting personal data is a shared responsibility.