Google Chrome Data Breach Alert Sends Indian Users Into Panic

After rolling out a Google Chrome update to fix the bug which deleted app data, tech giant Google is now alerting users in India about potential data breach and phishing incidents.

The Chrome 79 update was halted midway after a bug was discovered for Android users. And now that the updates have resumed, many users reported that the browser was alerting them about potential data breaches on websites and services.

With the latest update, pop-ups began to show on laptops, desktops and smartphones, showing users in India a warning that said their passwords may have been stolen as part of a data breach incident or a leak. Users reported seeing this alert on many sites including grocery delivery service Freshtohome, according to a Livemint report.

The alerts are part of a feature as explained by Google and includes safety protections which it plans to extend to users across the globe. Now, Google shows real-time notifications to users in India and globally, in the case of phishing or data breach. For instance, Google will now show warning pop-ups as mentioned in a Twitter post in case of any vulnerabilities.

Earlier, Google had to pause the rollout of the Chrome v79 update after several users complained about losing the stored app data which includes bookmarks and other settings. The company said only 15% of users got the update which had the flaw.

The data breach incidents are on the rise worldwide, a joint study conducted by PwC India and Data Security Council of India (DSCI) revealed that the average cost of a data breach in the country has gone up to INR 11.9 Cr, an increase of 8% from 2017. This is only going to increase in the coming days as the country is grappling towards an increasing number of sophisticated cyberattacks, driven by political and personal motives. This might be one of the reasons where the average cost of a malicious insider attack rose by 15% in 2019 compared to last year.

The Indian Computer Emergency Response Team (CERT-In) has also reported an increasing number of data security breach and phishing attacks in the country. The cybersecurity entity had earlier estimated that cyberattacks in the country have increased from 53K in 2017 to 200K in 2018, an alarming rise of about 292% cases, including networking scanning, probing, and phishing, vulnerable services accounted for over 61% of these incidents.

Last month, CERT-In had released an advisory for OnePlus customers in India, where it claimed that less than 3K Indian customers were exposed in the recent security breach. Also, Google revealed that it has sent more than 12K warnings to users in 149 countries, who were allegedly targetted by government-backed attackers. Google said that over 90% of these users were targetted using ‘credential phishing emails,’ where the hackers can obtain the target’s passwords, account details and more.

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.