Chrome Extensions Steal ChatGPT, DeepSeek Data from 900K Users

Two malicious Chrome extensions have stolen AI chat histories from ChatGPT and DeepSeek, compromising over 900,000 users in a major data security incident.

A significant data breach has exposed over 900,000 users of AI platforms ChatGPT and DeepSeek, with security researchers identifying two malicious Google Chrome extensions as the culprits. The extensions, masquerading as productivity tools, operated by secretly harvesting users' complete chat histories and login credentials. This incident highlights a critical vulnerability in the extension ecosystem, where seemingly benign third-party add-ons can bypass platform-level security to exfiltrate sensitive intellectual property and personal data directly from the browser.

The breach mechanism relied on social engineering, exploiting user trust in the official Chrome Web Store's vetting process. Once installed, the extensions gained permission to read and change site data, allowing them to scrape information from active ChatGPT and DeepSeek sessions. This attack vector matters because it shifts the security risk from the AI providers' infrastructure to the user's own browser environment, an area often overlooked in corporate cybersecurity protocols. The stolen data, potentially containing proprietary code, business strategies, and private conversations, represents a treasure trove for malicious actors, underscoring the high stakes of AI-assisted work.

For organizations and individual professionals, this incident mandates an immediate audit of browser extensions and a strict enforcement of least-privilege access. The forecast is for a rise in similar supply chain attacks targeting the interfaces of popular SaaS platforms. Decision-makers must implement advanced endpoint monitoring that can detect anomalous data transmission from browser processes. The next imperative for AI companies and browser vendors is to develop more sophisticated, behavior-based review systems for extensions and to educate users on the profound risks hidden in simple permission grants, making digital hygiene a non-negotiable component of modern work.