
8M users' AI conversations sold for profit by "privacy" extensions

Hacker News, December 16, 2025

This writeup argues that some browser extensions marketed around privacy can still end up vacuuming up extremely sensitive data—specifically, the content people type into AI chat interfaces. Because extensions can request broad permissions (page access, read/write on many sites, network access), they may be able to observe prompts and responses even when users assume their conversations are “inside” a chat product.

The takeaway isn’t just “don’t use shady extensions.” It’s that AI prompts routinely contain confidential work context (internal names, code, customer details, drafts) and should be treated like credentials: if an extension can see the page, it can often see what you type. Practical mitigations include auditing extension permissions, removing anything you don’t actively rely on, avoiding “free VPN”/tooling with unclear business models, and using separate browser profiles (or a locked-down browser) for AI chats that might include sensitive content.
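One way to do the permission audit described above, as an added example that is not part of the original writeup: it reads extension `manifest.json` files and reports which ones request page access covering a given chat site. `CHAT_HOST` is a placeholder, the sample manifests are constructed, and the folder passed to `audit_dir` is assumed to be your browser profile's extensions directory.

```python
import json
from pathlib import Path

CHAT_HOST = "chat.example.com"  # assumption: placeholder for the AI chat host you care about

# Constructed sample manifests (not real extensions).
SAMPLE_BROAD = {"manifest_version": 3, "permissions": ["storage"],
                "host_permissions": ["<all_urls>"]}
SAMPLE_MV2 = {"manifest_version": 2, "permissions": ["tabs", "*://*.example.com/*"],
              "content_scripts": [{"matches": ["*://*.example.com/*"], "js": ["c.js"]}]}
SAMPLE_NARROW = {"manifest_version": 3, "host_permissions": ["https://notes.example.org/*"]}

def pattern_covers(pattern, host):
    """True if a match pattern grants access to https://<host>/ pages."""
    if pattern == "<all_urls>":
        return True
    scheme, sep, rest = pattern.partition("://")
    if not sep or scheme not in ("*", "https"):
        return False
    pat_host = rest.split("/", 1)[0]
    if pat_host == "*":
        return True
    if pat_host.startswith("*."):  # wildcard covers the base domain and all subdomains
        return host == pat_host[2:] or host.endswith(pat_host[1:])
    return host == pat_host

def host_patterns(manifest):
    """Collect page-access declarations from both MV2 and MV3 manifest layouts."""
    pats = list(manifest.get("host_permissions", []))
    # MV2 mixes host patterns with API names in "permissions"; keep only the patterns.
    pats += [p for p in manifest.get("permissions", [])
             if isinstance(p, str) and ("://" in p or p == "<all_urls>")]
    for script in manifest.get("content_scripts", []):
        pats += script.get("matches", [])
    return pats

def audit(manifest, host=CHAT_HOST):
    """Return the declared patterns that would let the extension see pages on host."""
    return sorted({p for p in host_patterns(manifest) if pattern_covers(p, host)})

def audit_dir(ext_root, host=CHAT_HOST):
    """Audit every manifest.json under ext_root (your profile's extensions folder)."""
    report = {}
    for path in Path(ext_root).rglob("manifest.json"):
        try:
            hits = audit(json.loads(path.read_text(encoding="utf-8-sig")), host)
        except (OSError, ValueError, AttributeError):
            continue  # unreadable or malformed manifest: skip rather than abort the scan
        if hits:
            report[str(path.parent)] = hits
    return report
```

The report lists requested access only; permissions an extension asks for later at runtime through optional permission keys are not covered by this check.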
