Google warning for BILLIONS as thousands of 'leaky sites' found
Share this

THOUSANDS of websites are collecting your data as you type it, a new study claims.

If you thought typing something out on a website and then erasing it before submission keeps your information safe – think again.

Thousands of websites are collecting your data as you type it, according to a new study.


Thousands of websites are collecting your data as you type it, according to a new study.

Researchers from KU Leuven, Radboud University, and the University of Lausanne analyzed the top 100,000 websites on Google search in Europe and the United States and found some interesting statistics.

Users’ email addresses are gathered for tracking, marketing, and analytics domains before they submit any forms or give consent.

This was the case for 1,844 websites when visited from the EU and 2,950 when visited from the US.

A number of the sites did not intentionally conduct the data-logging but featured third-party marketing and analytics services that do.

The study also found incidental password collection on 52 websites by third-party session replay scripts.

Included in that list is the Russian tech giant Yandex, which faced a massive data breach earlier this year.

The study’s authors noted that after they disclosed their findings to these sites, all 52 instances have since been resolved.

“If there’s a Submit button on a form, the reasonable expectation is that it does something—that it will submit your data when you click it,” Güneş Acar, a professor at Radboud University, and one of the leaders of the study, said.

“We were super surprised by these results. We thought maybe we were going to find a few hundred websites where your email is collected before you submit, but this exceeded our expectations by far.”

In a follow-up investigation, the researchers found that Meta (formerly, Facebook) and TikTok collect hashed personal information from web forms even when the user does not submit the form and does not give consent.

“In some cases, when you click the next field, they collect the previous one, like you click the password field and they collect the email, or you just click anywhere and they collect all the information immediately,” Asuman Senol, a privacy and identity researcher at KU Leuven and one of the study co-authors, noted.

“We didn’t expect to find thousands of websites; and in the US, the numbers are really high, which is interesting.”

The study authors are slated to present their findings in full at the USENIX security conference in August.

Kim Kardashian flaunts her tiny waist in a skintight outfit in new photos
Guard's heroic last act praised as first Buffalo shooting victims named

The authors added that they were inspired to investigate the study, dubbed “leaky forms”, by media reports from online publication Gizmodo.

Furthermore, they hope that their findings will raise awareness about the issue, not only for regular web users but for website developers and administrators as well.

We pay for your stories!

Do you have a story for The US Sun team?

Share this
You May Also Like

Crypto hedge fund Three Arrows files for bankruptcy

Cryptocurrency hedge fund Three Arrows Capital (3AC) filed for Chapter 15 bankruptcy…

I was abducted by aliens on my way home from work and experimented on – people are finally starting to believe my story

ONE of the world’s most famous “alien abductees” says he feels vindicated…

Formula One driver survives horrific crash thanks to halo cockpit requirement

Formula One driver Zhou Guanyu likely wouldn’t be alive today if it…

Driverless car traffic jam as robotaxis shutdown & block street for HOURS

A BUSY interchange in San Francisco was brought to a standstill after…

Geomagnetic storm this week caused by ‘CYCLOPS hole in Sun’s atmosphere’ could affect power grid and satellites

A GEOMAGNETIC storm is expected to hit Earth’s magnetic field on July…

Huge Call of Duty leak reveals maps for Modern Warfare 2 and COD 2024

CALL of Duty fans have been given a huge glimpse at what…

The government’s going after alleged crypto scammers as market crashes

The US government seems to be worked up about cryptocurrency scams. On…

Minecraft adds tribute to Technoblade after streamer’s death

Minecraft has been updated with a tribute to the popular streamer Technoblade,…