Grammarly had a glitch in its google chrome extension that revealed its authorization parameters to websites, which allowed sites to login to random user accounts and view their account data.
Tavis Ormandy, Google’s Project Zero expert on 2nd Feb, said: “I’m calling this a high severity bug because it appears to be a pretty severe violation of user's belief.” “Users would not expect that visiting a website gives it permission to access documents or data they’ve typed into other websites.”
However, Grammarly has tended efficiently to the issue and pushed a refresh to the Chrome Web Store and Mozilla, showing "an extremely amazing reaction time," Ormandy wrote in a subsequent post-Monday. "I'm calling this issue settled."
ALSO READ: Dutch Banks Under DDoS Attacks | Top Dutch Banks Hit By Cyber Attack
“We were recently informed about the security glitch in our extension on Friday, and then we worked with Google to roll out a fix within a few hours,” Grammarly said on Twitter, saying thanks to Ormandy for his assistance "finding and notifying the group about the complexities of this bug." More points of interest will be anticipated soon, the organization included.
There are more than 20 million users of Grammarly's Chrome extension, and the organization likewise offers an online proofreader. Its product examines the user's writing for spelling, grammar, style, and punctuation offering suggestions and corrections.
Ormandy's original post included only four lines of the code explaining how a Grammarly user's data could be exposed, regardless of whether by a script or manually:

That code produces a token that matches a cookie utilized by Grammarly. "I checked that is sufficient to log in to a grammarly.com account," Ormandy said. "In this manner, any site can login to grammarly.com as you and access all your account documents and also history, logs, and other data."
Reacting to a Tweet on Monday, Ormandy said that the glitch was of a nature that wouldn't be found by Google's current monitoring capacities for Chrome extension code.

Here are few tips you must follow to keep your data protected:
- Keep your Windows Updated: To avoid such infections, we recommend that you should always keep your system updated through automatic windows update. By doing this you can keep your device free from virus. According to the survey, outdated/older versions of Windows operating system are an easy target.
- Third-party installation: Try to avoid freeware download websites as they usually install bundled of software with any installer or stub file.
- Regular Backup: Regular and periodical backup helps you to keep your data safe in case the system is infected by any kind of virus or any other infection. Thus always backup important files regularly on a cloud drive or an external hard drive.
- Always have an Anti-Virus: Precaution is better than cure. We recommend that you install an antivirus like McAfee or a good Malware Removal Tool like Download Free Virus RemovalTool
- Enable your popup blocker: Install a powerful ad- blocker for Chrome, Mozilla, and IE.