• About
    • History of Dallas SEO
  • Contact
  • Topics
    • Bing
    • Blogging
    • Branding
    • Domain Names
    • Google
    • Internet Marketing
    • Link Building
    • Local Search
    • Marketing
    • Public Relations
    • Reputation Management
    • Search Engine Marketing
    • Search Engine Optimization
    • Search Engines
    • Social Media
    • Tech
  • Advertise
  • Services
    • Search Engine Optimization
    • Ongoing SEO Services
    • SEO Expert Witness
    • Google Penalty Recovery
    • Mini SEO Audit
    • Link Audit
    • Keyword Research
    • Combine Websites SEO Services
    • PPC Management
    • Online Reputation Management
    • Domain Name Consultant
    • Domain Names & Expired Domains
    • Domain Name Appraisal

Bill Hartzer

GoDaddy Airo: Register your .com domain name today!
Home » Marketing » Grammarly Chrome Extension Exposes All Your Documents

Grammarly Chrome Extension Exposes All Your Documents

Posted on February 6, 2018 Written by Bill Hartzer

Grammarly accounts exposed
A bug in Grammarly’s Google Chrome web browser extension was exposing all of your documents to virtually anyone or any website that wants to view them. If you’ve used Grammarly’s Chrome extension, all of the documents (including websites, documents, MS Word documents, including Microsoft Office documents) have been exposed to the public.

If any of the documents that you’ve used Grammarly on to check spelling or plagiarism are of a sensitive nature, then you probably should be concerned about this security breech.

Update: this has been fixed and user login details are no longer exposed. However, if you have any documents that are of a sensitive nature in your Grammarly account then you may want to remove them. Also, in any case like this, I urge you to go change your login details (change your password) at Grammarly.

Grammarly’s Auth Tokens Exposed

The problem was that Grammarly’s auth tokens have been exposed to all websites through their Google Chrome web browser extension. Essentially, a simple script (JavaScript code) installed on a website could get a grauth token (a Grammarly authorization token), and that grauth token matched the grauth cookie used on grammarly.com That meant that anyone with the grauth token could log into your Grammarly account, accessing all of your documents.

A bug report was added to bugs.chromium.org, detailing the issue:

grammarly security breech

I recommend that, for now, you uninstall the Chrome web browser extension on Grammarly unless you absolutely need it, and stop using Grammarly on highly sensitive documents. Then, log into your Grammarly account and review the documents there to be certain that there aren’t any documents there that contain sensitive content. And, as mentioned above, change your password at Grammarly.

Grammarly currently has about 22 million users.

Filed Under: Marketing

About Bill Hartzer

Bill Hartzer is the CEO of Hartzer Consulting and founder of DNAccess, a domain name protection and recovery service. A recognized authority in digital marketing and domain strategy, Bill is frequently called upon as an Expert Witness in internet-related legal cases. He's been sharing insights and research here on BillHartzer.com for over two decades.

Bill Hartzer on Search, Marketing, Tech, and Domains.

Recent Posts

  • Coldplay Kiss Cam Chaos: What the Andy Byron Scandal Teaches About Online Reputation July 17, 2025
  • Marketing Signals Rolls Out AI Search Optimisation Services July 17, 2025
  • Bluehost and HostGator Expired Domains Now Only Available on NameJet and SnapNames July 15, 2025
  • Why Everyone on Google Trends Is Suddenly a Person—And What It Means for SEO July 14, 2025
  • Grow Your Instagram Like a Pro with Hexrate’s Game-Changing Tools July 14, 2025
  • Unbounce Doubles Down on AI and Automation to Boost Go-To-Market Teams July 10, 2025
  • NameSilo to Acquire SewerVUE Technology in $2.45M Deal July 10, 2025
  • Internet Marketing Ninjas Acquired by Previsible.IO July 9, 2025
  • Metricool Brings Real Analytics to Personal LinkedIn Profiles July 8, 2025
  • This Cleveland Agency Found a Smarter Way to Rank in Every Suburb—Without Opening More Offices July 8, 2025
  • Survey: Gen Z Reuses Passwords but Demands Bank-Level Security From Small Businesses July 8, 2025
  • Liftoff Reveals What’s Actually Working in Mobile Ads July 7, 2025
  • EasySend’s Big Move: AI Tools That Make Static Forms Obsolete July 7, 2025
  • Is Social Media Failing Small Businesses? New Survey Reveals a Hidden Blind Spot July 7, 2025
  • Why Cloudflare’s Pay Per Crawl Is a Trap for 99% of Websites July 2, 2025
  • The Hidden Risk of Double Letters in Brand and Domain Names July 2, 2025
  • GEO Verified™ Launches to Help Brands Survive the AI Search Shakeup July 1, 2025
  • RetailOnline.com Hits the Market After 25 Years—And It’s Built for the Future of E-Commerce July 1, 2025
  • AI-Powered Task Planning: The Future of Business Efficiency and Personal Productivity June 30, 2025
  • New Yoast Add-On Turns Google Docs Into an SEO Power Tool June 26, 2025

Hartzer Domains

Bare-Metal Servers by HostDime

DFWSEM logo

Bill Hartzer is a Brand Ambassador for:

Industry Friends

I Love SEO
WTFSEO
SEO By the Sea
Brian Harnish
Jeff Lenney
Jeff Gabriel
Scott Hendison
Dixon Jones
Brian Hartzer
Navah Hopkins
DNAccess
SEO Dallas
Confirmed Stolen

Connect With Bill Hartzer

Bill Hartzer on Twitter
Bill Hartzer on BlueSky
Bill Hartzer on Instagram
Hartzer Consulting on Facebook
Bill Hartzer on Facebook
Bill Hartzer on YouTube

Categories

  • Advertising (109)
  • AI (201)
  • Bing Search Engine (8)
  • Blogging (43)
  • Branding (19)
  • Domain Names (317)
  • Google (261)
  • Internet Marketing (52)
  • Internet Usage (95)
  • Link Building (53)
  • Local Search (63)
  • Marketing (232)
  • Marketing Foo (34)
  • Pay Per Click (9)
  • Podcast (19)
  • Public Relations (9)
  • Reputation Management (15)
  • Search Engine Marketing (46)
  • Search Engine Marketing Events (60)
  • Search Engine Marketing Firms (95)
  • Search Engine Marketing Jobs (33)
  • Search Engine Optimization (189)
  • Search Engines (223)
  • Social Media (302)
  • Social Media Marketing (59)
  • Tech (16)
  • Web Analytics (21)
  • Webinars (1)

Note: All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only, and are mentioned only to help my readers. All other trademarks cited herein are the property of their respective owners. Use of these names, logos, and brands does not imply endorsement.

 

Hartzer Consulting

Website, Content, and Marketing by Hartzer Consulting, LLC.

Disclaimer - Privacy Policy - Terms of Use

Copyright © 2025 ·