• About
    • History of Dallas SEO
    • SEO Expert Witness Services
  • Contact
  • Topics
    • Bing
    • Blogging
    • Branding
    • Domain Names
    • Google
    • Internet Marketing
    • Link Building
    • Local Search
    • Marketing
    • Public Relations
    • Reputation Management
    • Search Engine Marketing
    • Search Engine Optimization
    • Search Engines
    • Social Media
    • Tech
  • Advertise
  • Email Newsletter

Bill Hartzer

Bill Hartzer on Search, Marketing, Tech, and Domains.

SEMrush

Home » Marketing » Grammarly Chrome Extension Exposes All Your Documents

Grammarly Chrome Extension Exposes All Your Documents

Posted on February 6, 2018 Written by Bill Hartzer

Grammarly accounts exposed
A bug in Grammarly’s Google Chrome web browser extension was exposing all of your documents to virtually anyone or any website that wants to view them. If you’ve used Grammarly’s Chrome extension, all of the documents (including websites, documents, MS Word documents, including Microsoft Office documents) have been exposed to the public.

If any of the documents that you’ve used Grammarly on to check spelling or plagiarism are of a sensitive nature, then you probably should be concerned about this security breech.

Update: this has been fixed and user login details are no longer exposed. However, if you have any documents that are of a sensitive nature in your Grammarly account then you may want to remove them. Also, in any case like this, I urge you to go change your login details (change your password) at Grammarly.

Grammarly’s Auth Tokens Exposed

The problem was that Grammarly’s auth tokens have been exposed to all websites through their Google Chrome web browser extension. Essentially, a simple script (JavaScript code) installed on a website could get a grauth token (a Grammarly authorization token), and that grauth token matched the grauth cookie used on grammarly.com That meant that anyone with the grauth token could log into your Grammarly account, accessing all of your documents.

A bug report was added to bugs.chromium.org, detailing the issue:

grammarly security breech

I recommend that, for now, you uninstall the Chrome web browser extension on Grammarly unless you absolutely need it, and stop using Grammarly on highly sensitive documents. Then, log into your Grammarly account and review the documents there to be certain that there aren’t any documents there that contain sensitive content. And, as mentioned above, change your password at Grammarly.

Grammarly currently has about 22 million users.

Filed Under: Marketing

SEMrush

About Bill Hartzer

Bill Hartzer is CEO of Hartzer Consulting, an SEO Consulting firm that includes services such as search engine optimization, technical SEO audits, domain name consulting, and online reputation management. As an SEO Expert, Mr. Hartzer frequently serves as an SEO Expert Witness and Domain Name Expert Witness in legal cases worldwide. He also oversees DNAccess.com, a company that provides brand protection and monitoring, domain name background checks, and stolen domain name recovery services.

Recent Posts

  • Google’s Search Generative Experience According to Google Bard May 22, 2023
  • Is AIO the New SEO? May 10, 2023
  • Google Passkey Support to Replace Built-In Security Key for Google Accounts May 3, 2023
  • WisTL Launches WisTLing App to Explore The Filming Locations of TV Series and Movies April 28, 2023
  • BrandChamp Acquires CrewFire April 12, 2023
  • Facebook Won’t Verify My Identity for Meta Verified April 4, 2023
  • ChatGPT Versus Google Bard: Which is Better? March 22, 2023
  • All Domain Names Need SSL: Parked Domains Are Losing Traffic, Revenue March 17, 2023
  • Google is Finally Sunsetting Google Glass March 16, 2023
  • Microsoft Teams Free Classic Shutting Down April 12, 2023 February 21, 2023
  • GoDaddy Customer Loses Domain Name Due to Auto Renew Fail February 9, 2023
  • dotDB is Not Shutting Down February 1, 2023
  • Someone Stole My Domain Name: Here’s What You Do January 4, 2023
  • Web Hosting Services Market to Grow to $254.86 Billion by 2029 December 13, 2022
  • This SEO Blog Post Was Written by ChatGPT December 8, 2022
  • Facebook Rolling Out Facebook Articles December 7, 2022
  • Doing SEO is Better Than… December 6, 2022
  • Tucows and GoDaddy Report Q3 2022 Results November 6, 2022
  • How to Measure App Events Sourced by Organic Search and SEO September 20, 2022
  • Google Allegedly Eavesdrops and Monitors the Brain 24 hours a Day to Control Humanity September 14, 2022

Hartzer Domains

US Agency Awards Judge

DFWSEM logo

Bill Hartzer is a Brand Ambassador for:



Industry Friends

I Love SEO
WTFSEO
SEO By the Sea
Jeff Lenney
Jeff Gabriel
Phil Drinkwater
Dixon Jones
Brian Hartzer
Navah Hopkins
DNAccess
SEO Dallas

Connect With Bill Hartzer

Bill Hartzer on Twitter
Bill Hartzer on Instagram
Hartzer Consulting on Facebook
Bill Hartzer on Facebook
Bill Hartzer on YouTube

Categories

  • Advertising (19)
  • AI (1)
  • Bing Search Engine (6)
  • Blogging (42)
  • Branding (12)
  • Domain Names (212)
  • Google (239)
  • Internet Marketing (25)
  • Internet Usage (85)
  • Link Building (53)
  • Local Search (39)
  • Marketing (183)
  • Marketing Foo (30)
  • Pay Per Click (3)
  • Podcast (18)
  • Public Relations (8)
  • Reputation Management (9)
  • Search Engine Marketing (44)
  • Search Engine Marketing Events (48)
  • Search Engine Marketing Firms (19)
  • Search Engine Marketing Jobs (33)
  • Search Engine Optimization (164)
  • Search Engines (204)
  • Social Media (194)
  • Tech (7)
  • Web Analytics (17)
  • Webinars (1)

Note: All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only, and are mentioned only to help my readers. All other trademarks cited herein are the property of their respective owners. Use of these names, logos, and brands does not imply endorsement.




Hartzer Consulting



Website, Content, and Marketing by Hartzer Consulting, LLC.

Copyright © 2023 ·