• About
    • History of Dallas SEO
    • SEO Expert Witness Service
  • Contact
  • Topics
    • Bing
    • Blogging
    • Branding
    • Domain Names
    • Google
    • Internet Marketing
    • Link Building
    • Local Search
    • Marketing
    • Public Relations
    • Reputation Management
    • Search Engine Marketing
    • Search Engine Optimization
    • Search Engines
    • Social Media
    • Tech
  • Advertise
  • Email Newsletter

Bill Hartzer

Bill Hartzer on Search, Marketing, Tech, and Domains.

traffic analysis tools

Home » Marketing » Grammarly Chrome Extension Exposes All Your Documents

Grammarly Chrome Extension Exposes All Your Documents

Posted By Bill Hartzer on February 6, 2018at 1:49 pm

Grammarly accounts exposed
A bug in Grammarly’s Google Chrome web browser extension was exposing all of your documents to virtually anyone or any website that wants to view them. If you’ve used Grammarly’s Chrome extension, all of the documents (including websites, documents, MS Word documents, including Microsoft Office documents) have been exposed to the public.

If any of the documents that you’ve used Grammarly on to check spelling or plagiarism are of a sensitive nature, then you probably should be concerned about this security breech.

Update: this has been fixed and user login details are no longer exposed. However, if you have any documents that are of a sensitive nature in your Grammarly account then you may want to remove them. Also, in any case like this, I urge you to go change your login details (change your password) at Grammarly.

Grammarly’s Auth Tokens Exposed

The problem was that Grammarly’s auth tokens have been exposed to all websites through their Google Chrome web browser extension. Essentially, a simple script (JavaScript code) installed on a website could get a grauth token (a Grammarly authorization token), and that grauth token matched the grauth cookie used on grammarly.com That meant that anyone with the grauth token could log into your Grammarly account, accessing all of your documents.

A bug report was added to bugs.chromium.org, detailing the issue:

grammarly security breech

I recommend that, for now, you uninstall the Chrome web browser extension on Grammarly unless you absolutely need it, and stop using Grammarly on highly sensitive documents. Then, log into your Grammarly account and review the documents there to be certain that there aren’t any documents there that contain sensitive content. And, as mentioned above, change your password at Grammarly.

Grammarly currently has about 22 million users.

Filed Under: Marketing

traffic analysis tools

Listen to "Digital Marketing with Bill Hartzer" on Spreaker.

About Bill Hartzer

Bill Hartzer is CEO of Hartzer Consulting, LLC, an SEO Consulting firm that includes services such as search engine optimization, technical SEO audits, domain name consulting, and online reputation management.

Recent Posts

  • RightoftheDot Live Online Domain Auction February 25 February 18, 2021
  • Jabez LeBret on Digital PR, Journalism, and Media Coverage February 5, 2021
  • Someone Stole My Domain Name: Here’s What You Do February 1, 2021
  • 23 Top Level Domains TLDs Up for Auction January 27, 2021
  • GotConn Privacy Search Engine Launches January 26, 2021
  • Andrew Muller on Testing Google Ads Using Facebook Ads January 15, 2021
  • Mike Rhodes from Web Savvy On Google Ads January 8, 2021
  • How to Opt Out of Google Analytics December 16, 2020
  • Majestic Just Changed SEO and Linking Forever December 15, 2020
  • Yext Consumer Search Trend Predictions for 2020 December 8, 2020
  • SearchBox Launches SearchAI SmartSuggest, SearchAI Answers and SearchAI Personalization December 7, 2020
  • Google Poly is Shutting Down December 2, 2020
  • Domain Name Brokers Put FFF.com and HHH.com Domains Up for Sale December 1, 2020
  • Google Webmaster Tools Moves Twitter Account November 11, 2020
  • Email Deliverability, Setting Up DMARC, DKIM, and SPF on Your Domain October 29, 2020
  • The Bing Search Engine is Now Microsoft Bing October 6, 2020
  • Beck Power on Building Authority on Social Media and Repurposing Content October 2, 2020
  • Naira Perez on Paid Media, and an Intro to Social Paid Media, and Audiences September 17, 2020
  • Fake Birth Date Used on Google and Apple Accounts Is on Credit Report August 17, 2020
  • What is Bill Hartzer Disease? July 20, 2020

DFWSEM logo

Bill Hartzer is a Brand Ambassador for:



Industry Friends

WTFSEO
SEO By the Sea
Jeff Lenney
Jeff Gabriel
Phil Drinkwater
Dixon Jones

Connect With Bill Hartzer

Bill Hartzer on Twitter
Bill Hartzer on Instagram
Hartzer Consulting on Facebook
Bill Hartzer on Facebook
Bill Hartzer on YouTube

Categories

  • Advertising (19)
  • Bing Search Engine (6)
  • Blogging (42)
  • Branding (12)
  • Domain Names (200)
  • Google (228)
  • Internet Marketing (24)
  • Internet Usage (84)
  • Link Building (52)
  • Local Search (38)
  • Marketing (176)
  • Marketing Foo (30)
  • Pay Per Click (1)
  • Podcast (9)
  • Public Relations (8)
  • Reputation Management (9)
  • Search Engine Marketing (44)
  • Search Engine Marketing Events (47)
  • Search Engine Marketing Firms (19)
  • Search Engine Marketing Jobs (33)
  • Search Engine Optimization (156)
  • Search Engines (203)
  • Social Media (187)
  • Tech (7)
  • Web Analytics (16)




Note: All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only, and are mentioned only to help my readers. All other trademarks cited herein are the property of their respective owners. Use of these names, logos, and brands does not imply endorsement.




Hartzer Consulting



Website, Content, and Marketing by Hartzer Consulting, LLC.

Copyright © 2021 by Bill Hartzer and Hartzer Consulting, LLC.

Disclaimer - Privacy Policy - Terms of Use
Go to mobile version