DataSpii

Comment: When online versions of references are available it is expected that you will provide the full citation. {{Cite news}} has a very full list of parameters, not all of which have to be used.
:A further tip for your next review is that paragraphs should not be so black as to be impenetrable. Long lists of names are unreadable Fiddle Faddle 13:56, 13 July 2020 (UTC)

DataSpii (pronounced data-spy) is a leak that compromised the private data of as many as 4 million Chrome and Firefox users via at least eight browser extensions. ^[1] ^[2] ^[3] The Private data included personally identifiable information (PII), corporate information (CI), and government information (GI). DataSpii impacted the Pentagon, Bank of America, Sony, Kaiser Permanente, Apple, Facebook, Microsoft, Amazon, Symantec, FireEye, Trend Micro, Boeing, SpaceX, Zoom, and Palo Alto Networks. Highly detailed information (e.g., private network topology) associated with these corporations and agencies was intercepted and sent to foreign-owned entities. The data was made publicly available via Nacho Analytics (NA), a marketing intelligence company. Both paid and trial members of NA were provided access to the leaked data. Upon signing up for NA membership, members were then provided access to the data via a Google Analytics account. DataSpii leaked un-redacted information related to medical records, tax returns, GPS location, travel itinerary, genealogy, usernames, passwords, credit cards, genetic profiles, company memos, employee tasks, API keys, proprietary source code, LAN environment, firewall access codes, proprietary secrets, operational materials, and zero-day vulnerabilities.

DataSpii was discovered and elucidated by cybersecurity researcher Sam Jadali. By requesting data for a single domain via the NA service, Jadali was able to observe what staff members at thousands of companies were working on in near real-time. The NA website stated it collects their data from millions of opt-in users. Jadali, along with journalists from Ars Technica and The Washington Post, interviewed numerous impacted users, including individuals and major corporations. ^[1] ^[2] According to the interviews, the impacted users did not consent to such collection.

References

^ ^a ^b 1. Goodin, Dan (July 18, 2019). "My browser, the spy: How extensions slurped up browsing histories from 4M users." Ars Technica. Retrieved July 12, 2020.
^ ^a ^b 2. Fowler, Geoffrey (July 18, 2019). "I found your data. It’s for sale." The Washington Post. Retrieved July 12, 2020.
^ 3. O'Flaherty, Kate (July 19, 2019). "Data Leak Warning Issued To Millions Of Google Chrome And Firefox Users." Forbes. Retrieved July 12, 2020.

[fix1-1] 1. Goodin, Dan (July 18, 2019). "My browser, the spy: How extensions slurped up browsing histories from 4M users." Ars Technica. Retrieved July 12, 2020.

[fix2-2] 2. Fowler, Geoffrey (July 18, 2019). "I found your data. It’s for sale." The Washington Post. Retrieved July 12, 2020.

[fix3-3] 3. O'Flaherty, Kate (July 19, 2019). "Data Leak Warning Issued To Millions Of Google Chrome And Firefox Users." Forbes. Retrieved July 12, 2020.

[1]

[2]

[3]