Someone at BrowserStack is leaking users' email addresses
TL;DR Highlight
A developer using unique emails per service discovered that an email used only with BrowserStack was passed to a third party via Apollo.io, and BrowserStack has not responded.
Who Should Read
Developers operating SaaS services and integrating external CRM or marketing tools, or developers interested in privacy. Specifically, teams using BrowserStack or adopting sales automation platforms like Apollo.io.
Core Mechanics
- The author uses a method of generating unique email addresses for each service, allowing them to track which service leaked their email. They received spam to a unique email used only with BrowserStack.
- When the author asked the spammer for the source, they were told it came from Apollo.io. When the author then contacted Apollo.io, its first answer was false: it claimed the address had been derived from publicly available information combined with a corporate email pattern (firstname.lastname@domain).
- However, the email address was in a completely unique format that could not be inferred algorithmically. After being challenged by the author, Apollo.io eventually admitted that BrowserStack shared the contact information through its 'customer contributor network' on February 25, 2026.
- Apollo.io's 'customer contributor network' works by having Apollo's own customers share the contact data they upload into a pool that other Apollo customers can use. The feature is enabled by default; a customer has to explicitly opt out to stop its contacts from being shared.
- The author attempted to contact BrowserStack multiple times but received no response. They ironically noted that the email contained the phrase 'No spam, we promise!'
- Three possible causes for the leak were identified: BrowserStack routinely sells or hands over user data, a third-party service used by BrowserStack collects and leaks the data, or an insider (employee or contractor) at BrowserStack exfiltrates it.
- From a GDPR perspective, Apollo's own claim of GDPR compliance does not settle the question: BrowserStack would still need a valid legal basis to pass customer emails from its support database to Apollo, and it likely has none. Both BrowserStack and Apollo are therefore potentially in violation.
Evidence
- A commenter familiar with Apollo.io's operation pointed out that 'this isn't a data hack, it's how Apollo originally works.' They explained that if Apollo customers don't opt-out, their customer contact data is automatically shared on the Apollo network. (See https://knowledge.apollo.io/hc/en-us/articles/20727684184589)
- There was also an opinion that the BrowserStack sales team likely used Apollo for CRM purposes without realizing the privacy implications and uploaded the entire customer list. It's common for general sales representatives to proceed without understanding the consequences of such data sharing.
- A comment from a GDPR expert analyzed that Apollo's reliance on 'Legitimate Interests' as a legal basis does not cover sharing emails from BrowserStack's support database with Apollo. They pointed out that both BrowserStack and Apollo should report the GDPR violation and take preventative measures.
- A comment stated that the '+tag' style email alias (e.g., name+browserstack@gmail.com) is no longer effective because many services already perform de-aliasing to extract the actual email. Creating a completely separate inbox with a unique email is more effective for tracking.
- A comment mentioned that BrightData (headless browser service) recently had a similar data leak incident. The commenter discovered that URLs accessed only through their headless browser fingerprinting project were later crawled by Anthropic's ClaudeBot, suggesting that attackers may be using Claude to analyze stolen customer data.
- Shared experiences indicated that Seamless.io operates in a similar manner. A commenter discovered a very personal email address in the Seamless.io system and suspected a colleague of leaking the address book, but didn't know how to prevent it.
- A commenter shared a similar experience with the UK's Compare The Market. Two unique emails on different domains started receiving spam simultaneously on the same day, but after the commenter reported it, no action was taken, the stated reason being that it 'cannot be proven'.
How to Apply
- If your organization uses Apollo.io (whether or not you also use BrowserStack), check the 'customer contributor network' setting now and opt out. Sharing is on by default, so unless you explicitly opt out, the customer contacts you upload are shared into Apollo's network automatically.
- Teams planning to adopt external CRM or sales automation tools (Apollo, Seamless.io, etc.) must review the platform's data sharing policies and opt-out structure before contracting. Specifically, check the terms and conditions regarding how customer contacts uploaded to the platform are shared on the platform network.
- If you want to track leaks at a personal level with a unique email per service, a fully separate alias per service (e.g., SimpleLogin or Fastmail aliases) is more effective than the '+tag' method (name+site@gmail.com): many services strip '+tags' to recover the base address, which destroys the attribution.
- If you operate a service subject to EU GDPR, sharing email addresses from your customer support database with external marketing/sales platforms is not justified by 'Legitimate Interests' and may violate GDPR. You must clarify the processing basis with your legal team before sharing data.
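The per-service alias scheme described above (and the reason '+tag' aliases fail) can be made concrete with a small script. This is an added example, not the author's tooling or any vendor's code: the secret, the catch-all domain example.org, the service list, the spam message and the de-aliasing routine are all constructed for illustration. The de-aliasing step only approximates what list-cleaning tools commonly do (strip the '+tag', lower-case, drop dots on Gmail hosts); it is not Apollo's logic.

```python
import hashlib
import hmac
from email import message_from_string
from email.utils import getaddresses

# Assumptions for the example: a catch-all domain the alias owner controls
# and a secret known only to them. Both are constructed values.
ALIAS_DOMAIN = "example.org"
SECRET = b"replace-with-a-long-random-secret"


def plus_tag_alias(base: str, service: str) -> str:
    """Weak scheme: name+service@domain. The tag is visible and strippable."""
    local, _, domain = base.partition("@")
    return f"{local}+{service}@{domain}"


def normalize_like_a_data_broker(address: str) -> str:
    """Constructed approximation of common de-aliasing: lower-case, drop the
    '+tag', and for Gmail-style hosts also drop dots in the local part."""
    local, _, domain = address.lower().partition("@")
    local = local.split("+", 1)[0]
    if domain in ("gmail.com", "googlemail.com"):
        local = local.replace(".", "")
    return f"{local}@{domain}"


def unique_alias(service: str) -> str:
    """Stronger scheme: an opaque local part derived with HMAC-SHA256, so the
    service name can neither be read off nor stripped from the address."""
    digest = hmac.new(SECRET, service.lower().encode(), hashlib.sha256).hexdigest()
    return f"{digest[:12]}@{ALIAS_DOMAIN}"


def build_registry(services):
    """HMAC is one-way, so attribution works by lookup: alias -> service."""
    return {unique_alias(s): s for s in services}


def attribute_leak(registry, recipient: str):
    """Return the service an address was issued to, or None if not ours."""
    return registry.get(recipient.lower())


def triage_message(registry, raw_message: str):
    """Parse To:/Cc: of an inbound message and attribute every hit."""
    msg = message_from_string(raw_message)
    headers = msg.get_all("To", []) + msg.get_all("Cc", [])
    hits = []
    for _, addr in getaddresses(headers):
        service = attribute_leak(registry, addr)
        if service:
            hits.append((addr.lower(), service))
    return hits


# Constructed service list and a constructed unsolicited message.
SERVICES = ["browserstack", "apollo", "weekly-newsletter"]
REGISTRY = build_registry(SERVICES)
SAMPLE_SPAM = f"""From: sales@lead-mill.example
To: {unique_alias("browserstack")}
Subject: Quick question about your QA pipeline

No spam, we promise!
"""

if __name__ == "__main__":
    weak = plus_tag_alias("jane.doe@gmail.com", "browserstack")
    print("plus-tag alias:", weak, "->", normalize_like_a_data_broker(weak))
    strong = unique_alias("browserstack")
    print("unique alias:  ", strong, "->", normalize_like_a_data_broker(strong))
    print("attributed to:", triage_message(REGISTRY, SAMPLE_SPAM))
```

Running it shows the difference: the '+tag' alias collapses back to janedoe@gmail.com after normalization, so a leak can no longer be tied to a service, while the HMAC-derived alias survives normalization unchanged and the registry maps it straight back to "browserstack". The registry is needed because the HMAC cannot be inverted; keep it (and the secret) somewhere the aliased services cannot see.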
Related Papers
Distributed Attacks in Persistent-State AI Control
Demonstrates experimentally that when an AI coding agent spreads malicious code across multiple PRs, detection by a single monitor is practically impossible.
Senior SWE-Bench: open-source benchmark that assesses agents as senior engineers
Where the existing SWE-Bench was a 'junior-level' evaluation that handed over overly detailed requirements, Senior SWE-Bench evaluates the ability to implement features and track down bugs from incomplete requirements, as a real senior engineer would. With even the current best model (Claude Opus 4.8) solving only 24%, it is an attempt to measure the real limits of AI coding agents.
Apple 'Hide My Email' vulnerability reveals peoples' real email addresses
Apple's Hide My Email service, which iCloud+ subscribers use for privacy protection, has had a vulnerability unpatched for more than a year that lets an attacker learn the hidden real email address.
Words Speak Louder Than Code: Investigating Cognitive Heuristics in LLM-Based Code Vulnerability Detection
LLM security scanners react more strongly to 'who wrote it' and 'how the question is asked' than to the code itself, which allows up to 97% of vulnerabilities to be concealed.
Robust Harmful Features Under Jailbreak Attacks: Mechanistic Evidence from Attention Head Specialization in Large Language Models
Dissects, at the level of individual attention heads, how jailbreak attacks bypass LLM safety mechanisms, and proposes a training-free method for detecting harmful inputs from internal signals that survive the attack.
What happened after 2k people tried to hack my AI assistant
Results of a public experiment in which more than 6,000 emails were used to attempt prompt injection against an AI agent: Claude Opus 4.6 never once allowed the secret file to be exfiltrated, but the realism of the experimental design was hotly debated.