DEV Community

radia

AI Chat Privacy Breach Explained: How a Trusted Chrome Extension Exposed Millions of Conversations

In mid-December 2025, a major privacy incident shocked both everyday users and businesses that rely on AI tools. Security researchers confirmed that a popular Chrome browser extension was secretly collecting private AI conversations and sending them to external servers without clear user permission. Millions of people had trusted this extension, believing it was safe due to its featured status and positive reviews. Instead, their private prompts and AI-generated replies were quietly exposed.
This incident has become one of the most serious AI chat privacy breaches involving browser extensions to date and has raised new concerns about how much access extensions truly have inside modern browsers.
What Actually Happened
For years, users installed a Chrome extension believing it improved their browsing experience and protected their privacy. In December 2025, researchers discovered that the extension known as Urban VPN Proxy had been quietly monitoring AI chat activity.
More than six million users had installed the extension from the Chrome Web Store. An additional 1.3 million users installed it through the Microsoft Edge Add-ons marketplace. Many people trusted it because it was labeled as a featured extension and had strong user ratings.
A recent update introduced hidden code that recorded AI prompts and responses from popular chat tools. These included ChatGPT, Claude, Gemini, and Copilot. As users typed questions and received answers, the extension captured the conversations in real time.
Most users had no idea this was happening.
Why This Breach Is So Serious
AI chats often include personal thoughts, work-related discussions, business strategies, login troubleshooting, and sensitive questions. In many cases, companies use AI tools for internal research and decision-making.
The extension did not just collect basic browsing data. It captured full conversations along with session identifiers, timestamps, and information about which AI model was used. This level of access created a serious risk of personal data exposure and corporate information leaks.
Because of the scale involved and the sensitivity of the data, this incident is being described as a major AI chat data leak rather than a minor extension privacy issue.
How the Extension Was Able to Read AI Chats
When users opened an AI chatbot in their browser, the extension quietly injected hidden scripts into the web pages connected to those services. These scripts hooked into the browser’s network communication systems.
The extension copied prompts and AI responses as they moved between the browser and the AI platform. After capturing the data, it allowed the conversation to continue normally so users noticed no disruption.
This behavior is similar to a man-in-the-middle attack, but it occurs entirely inside the browser using extension permissions. Even though AI platforms use secure connections, the extension was still able to access the data once users granted it broad permissions.
Why a Featured Badge Did Not Protect Users
Many people assume that a featured badge on the Chrome Web Store means an extension has passed strict security and privacy checks. In reality, the badge mostly reflects quality, usability, and popularity.
Urban VPN Proxy and several related extensions had this badge, which gave users a false sense of safety. The badge did not prevent the extension from collecting private AI conversations or sharing that data with third parties.
The extension’s updated privacy policy mentioned collecting AI chat data for analytics and marketing purposes, but it did not clearly explain how sensitive or extensive the collection really was.
Browser Extensions and Hidden Privacy Risks
Security experts have warned for years that browser extensions can pose serious privacy risks. Many extensions request permission to read and change data on all websites a user visits.
Once granted, those permissions allow extensions to see nearly everything typed into a browser, including content on secure HTTPS pages. Some extensions are malicious from the start. Others become dangerous after updates introduce hidden tracking features.
In this case, users installed Urban VPN Proxy believing it was harmless. The real risk appeared later when an update quietly added AI chat monitoring functionality.
Extensions Involved in the AI Chat Data Collection
Urban VPN Proxy was the main extension involved in the breach. Researchers also identified similar behavior in other extensions from the same publisher. These included 1ClickVPN Proxy, Urban Browser Guard, and Urban Ad Blocker.
Together, these extensions reached more than eight million users across Chrome and Edge platforms. Most of them carried featured labels, which increased user trust.
The collected AI chat data was transmitted to servers operated by the publisher or its analytics and advertising partners. This information could be used to build detailed user behavior profiles or large data sets.
What Data Was Collected
Unlike typical browsing analytics, the extension was designed to capture complete AI conversations. The data collected included user prompts, AI-generated responses, session identifiers, timestamps, chat metadata, and information about the AI model used.
Even metadata alone can reveal patterns about personal habits, work activities, and interests. Combined with full chat content, the privacy impact becomes extremely serious.
How Chrome Extensions Can Intercept Data
Chrome extensions operate with different permission levels. When users approve access to website content or network requests, extensions can see and modify page data.
Some common data interception methods include injecting scripts into web pages to monitor input, intercepting network traffic by overriding browser request functions, and running content scripts that read what users type.
When permissions are misused or hidden code is added, extensions can quietly collect data from secure websites without the user realizing it.
How to Check If an Extension Is Watching Your AI Chats
If you are concerned about extension-based spying, there are several steps you can take.
Review extension permissions and be cautious of any tool that can read and change data on all websites. Check recent updates and compare them with the extension’s public description. Research the developer and read their privacy policy carefully. Look for reports from trusted cybersecurity sources about malicious or risky extensions.
If something feels suspicious, remove the extension immediately and restart your browser to cut off access.
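The permission review described above can be automated by reading each installed extension's manifest.json. The following is an added example, not code from the article or from any extension it names: it flags all-site host access, content scripts that match AI chat pages, and scripts declared with "world": "MAIN", which run in the page's own JavaScript context where the page's request functions live. The hostname list, the finding labels and the sample manifest are assumptions made for this illustration.

```python
import json
from pathlib import Path

# Assumed hostnames for the AI chat services named in the article.
AI_CHAT_HOSTS = ["chatgpt.com", "claude.ai", "gemini.google.com", "copilot.microsoft.com"]
RISKY_API_PERMISSIONS = {"webRequest", "scripting", "debugger"}

def pattern_covers_host(pattern, host):
    """True if a Chrome match pattern (scheme://host/path) applies to host."""
    if pattern == "<all_urls>":
        return True
    if "://" not in pattern:
        return False  # an API permission name such as "storage", not a URL pattern
    pat_host = pattern.split("://", 1)[1].split("/", 1)[0]
    if pat_host.startswith("*."):  # *.example.com covers example.com and its subdomains
        return host == pat_host[2:] or host.endswith(pat_host[1:])
    return pat_host in ("*", host)

def hosts_reached(pattern):
    """Which sensitive hosts a pattern reaches; a probe host detects all-site access."""
    if pattern_covers_host(pattern, "probe.invalid"):
        return ["ALL SITES"]
    return [h for h in AI_CHAT_HOSTS if pattern_covers_host(pattern, h)]

def audit_manifest(manifest):
    """Return sorted findings for one parsed manifest.json (MV2 or MV3 layout)."""
    findings = set()
    declared = manifest.get("permissions", []) + manifest.get("host_permissions", [])
    for perm in (p for p in declared if isinstance(p, str)):
        if perm in RISKY_API_PERMISSIONS:
            findings.add(f"api:{perm}")
        findings.update(f"host-access:{h}" for h in hosts_reached(perm))
    for script in manifest.get("content_scripts", []):
        world = script.get("world", "ISOLATED")  # MAIN shares the page's JS context
        for pattern in script.get("matches", []):
            findings.update(f"content-script[{world}]:{h}" for h in hosts_reached(pattern))
    return sorted(findings)

def audit_profile(extensions_dir):
    """Audit every <id>/<version>/manifest.json under a profile's Extensions folder."""
    report = {}
    for path in Path(extensions_dir).glob("*/*/manifest.json"):
        findings = audit_manifest(json.loads(path.read_text(encoding="utf-8-sig")))
        if findings:
            report[path.parent.parent.name] = findings
    return report

# Constructed sample manifest, not taken from any real extension.
SAMPLE = {"permissions": ["storage", "scripting"], "host_permissions": ["<all_urls>"],
          "content_scripts": [{"matches": ["https://chatgpt.com/*", "https://*.claude.ai/*"],
                               "js": ["hook.js"], "world": "MAIN"}]}
```

Running `audit_profile` again after each extension update and comparing the output shows when an update has started matching new sites. A manifest only declares what an extension may do, so a finding is a reason to look closer rather than proof of collection.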
How to Protect Your AI Conversations
Keeping AI chats private requires both awareness and good habits. Use only extensions from developers who clearly state they do not collect or store user data. Limit permissions whenever possible and avoid granting access to all websites.
Consider using privacy-focused tools that operate locally in your browser and do not send prompts or responses to external servers. Regularly review your installed extensions and remove anything you no longer use.
Staying proactive greatly reduces the risk of unexpected AI chat privacy breaches.
Common Questions About AI Chat Privacy
Chrome extensions can access AI chats if they have permission to read website content. Some extensions are capable of sending that data outside the browser. This was confirmed in the Urban VPN incident.
Extensions can intercept web traffic by monitoring network requests or injecting code into pages. This allows them to copy data before it reaches its destination.
ChatGPT itself uses secure connections, but third-party extensions can weaken that privacy. Reducing or removing unnecessary extensions lowers the risk significantly.
The most dangerous permissions are those that allow extensions to read and change data on all websites, especially pages linked to AI services.
Final Thoughts
This AI chat privacy breach shows that high ratings and trusted badges do not guarantee safety. Millions of conversations were exposed because users trusted an extension with broad permissions.
Take time to review your browser setup, remove extensions you do not fully trust, and choose tools that prioritize transparency and privacy. AI conversations often contain personal and sensitive information, and they deserve strong protection.
Take action today by auditing your extensions and keeping only those that respect your privacy. Your AI chats should remain yours alone.
