Abstract
We present DataSpii (pronounced data-spy), the catastrophic data leak that occurs when any one of eight browser extensions collects browsing activity data — including personally identifiable information (PII) and corporate information (CI) — from unwitting Chrome and Firefox users. Our investigation uncovered an online service selling the collected browsing activity data to its subscription members in near real-time. In this report, we delineate the sensitive data source types relevant to the security of individuals and businesses across the globe. We observed two extensions employing dilatory tactics — an effective maneuver for eluding detection — to collect the data. We identified the collection of sensitive data from the internal network environments of Fortune 500 companies. Several Fortune 500 companies provided an additional measure of confirmation through a process of responsible disclosure. By deploying a honeypot to monitor web traffic, we discovered near-immediate visits to URLs collected by the extensions. To address the evolving threat to data security, we propose preemptive measures such as limiting access to shareable links, and removing PII and CI from metadata.
https://securitywithsam.com/2019/07/dataspii-leak-via-browser-extensions/
I should have linked this DataSpii page as well, it sums it up opposed to the raw data presented in the first link.
Nice catch. The browser Firefox caught my attention. Now after a light review of the information I was swimming in a world beyond my knowledge! Is there a Layman's terms version? The average user would likely be confused to say the least? 
May need a degree in Information Technology except ... it changes so fast that there may be a need for "continuing education" to be in front of all this? The additional post really takes it home and works! Appreciate the knowledge.
Yuck! I continue to respect the mostly older people who still handle all personal and financial business through paper. I'm a cross breed, learned from and aged enough before the internet. But like most, convenience has mostly overtaken me although I "try" to be more conservative than my peers. Although I do it, I knew and know this online world would eventually catch up with us. Too vulnerable regardless of how safe they say it is. We may just not find out until 10 years later or we're a victim.
No shaming because I get it, just my thoughts (and showing my age 
)
