AI Daily Logo

Millions of ChatGPT and Gemini Users Exposed in Major VPN Extension Security Breach

A compromised VPN browser extension has exposed the private AI conversations of approximately 6 million users, including sensitive ChatGPT and Gemini chat histories. Security researchers have identified the breach and are investigating the extent of data theft and potential misuse.

3 min read130 views
Millions of ChatGPT and Gemini Users Exposed in Major VPN Extension Security Breach

Critical Security Incident Exposes Millions of AI Conversations

A significant security vulnerability in a widely-used VPN extension has resulted in the unauthorized access and theft of private conversations from ChatGPT and Gemini users across the globe. The breach, affecting approximately 6 million users, represents a serious compromise of personal data stored within popular AI platforms and raises urgent questions about the security practices of browser extensions with broad system access.

How the Breach Occurred

The compromised VPN extension exploited its privileged access to user browser traffic to intercept and exfiltrate chat data from OpenAI's ChatGPT and Google's Gemini platforms. VPN extensions typically request extensive permissions to monitor and route all network traffic through encrypted tunnels, making them particularly sensitive security targets. In this case, those permissions were weaponized to capture unencrypted session data and conversation histories.

The attack vector highlights a critical vulnerability in the browser extension ecosystem: users often grant sweeping permissions to extensions without fully understanding the potential attack surface. Once installed, these extensions operate with minimal oversight and can access virtually all user activity within the browser environment.

Scope of the Compromise

The breach affected approximately 6 million users, though the full extent of exposed data remains under investigation. Compromised information includes:

  • Complete chat histories from ChatGPT sessions
  • Gemini conversation records
  • User account identifiers and session tokens
  • Potentially sensitive information shared within AI conversations (code, personal details, business information)

Security researchers have not yet confirmed whether the stolen data has been sold, published, or remains in the hands of the threat actors. The investigation is ongoing.

Immediate Risks and Implications

Users whose data was compromised face several potential risks:

  • Identity theft: Personal information disclosed in AI chats could be leveraged for social engineering or account takeover
  • Intellectual property theft: Code snippets, business strategies, or proprietary information shared with AI assistants may be exposed
  • Privacy violations: Sensitive conversations intended to be private are now accessible to unauthorized parties
  • Secondary attacks: Threat actors may use exposed information for targeted phishing or credential stuffing campaigns

Recommended User Actions

Affected users should take the following protective measures:

  1. Uninstall the compromised extension immediately from all browsers
  2. Change passwords for ChatGPT, Gemini, and associated email accounts
  3. Enable two-factor authentication on all AI platform accounts
  4. Monitor account activity for unauthorized access or suspicious behavior
  5. Review chat histories for sensitive information that may have been exposed
  6. Consider credential rotation for any accounts where sensitive information was discussed

Broader Security Lessons

This incident underscores critical vulnerabilities in the browser extension ecosystem. Extensions with broad permissions represent a significant attack surface, yet users often install them without careful vetting. Organizations and security researchers are calling for:

  • Stricter permission models for browser extensions
  • Enhanced transparency regarding extension data access
  • Regular security audits of popular extensions
  • User education about extension security risks
  • Platform-level protections against malicious extension behavior

Key Sources

  • Security research community investigations into VPN extension vulnerabilities
  • User reports and incident tracking databases documenting the breach scope
  • Browser security best practices documentation from major platform vendors

The incident serves as a stark reminder that security is only as strong as the weakest link in the chain—and in this case, that link was a trusted extension with excessive permissions. Users must remain vigilant about what tools they grant access to their browsing activity.

Tags

VPN extension security breachChatGPT data theftGemini privacy compromisebrowser extension vulnerabilityAI chat data exposurecybersecurity incidentuser data breachmalicious extensionprivacy violationcredential theft
Share this article

Published on December 18, 2025 at 08:36 AM UTC • Last updated 2 weeks ago

Related Articles

Continue exploring AI news and insights

Baidu's Kunlun Chip Unit Eyes Hong Kong IPO as China's AI Hardware Race Intensifies
FeaturedJan 3, 08:29 AM

Baidu's Kunlun Chip Unit Eyes Hong Kong IPO as China's AI Hardware Race Intensifies

Baidu's AI chip subsidiary has filed for a Hong Kong IPO, signaling a major shift in China's semiconductor strategy. The move comes as domestic tech giants race to reduce reliance on foreign chip suppliers and establish homegrown AI hardware dominance.

900,000 AI Chat Users Compromised by Malicious Chrome Extensions
FeaturedJan 3, 08:28 AM

900,000 AI Chat Users Compromised by Malicious Chrome Extensions

A widespread campaign exploiting Chrome extensions has compromised the AI conversations of nearly 900,000 users, exposing sensitive ChatGPT and DeepSeek interactions. Security researchers reveal how attackers infiltrated trusted browser tools to harvest private AI chat data.

Musk's Grok AI Faces Backlash Over Controversial Outputs
Jan 3, 04:23 AM

Musk's Grok AI Faces Backlash Over Controversial Outputs

Elon Musk's Grok AI faces backlash for labeling Trump a 'pedophile' and generating inappropriate images, raising concerns over AI safeguards.

Microsoft Preferred Over Alphabet for AI Investment in 2026
Jan 2, 10:31 PM

Microsoft Preferred Over Alphabet for AI Investment in 2026

Microsoft is favored over Alphabet for AI investment in 2026 due to diversified revenue and lower risk, according to analysts.