BrightData is another company offering hosted browsers who has also recently leaked private data, although they did email customers to warn them.

I wonder if both of these companies were compromised by a shared vulnerability in headless Chrome? Or else just a coincidence that 2 headless browser companies got hacked at the same time?

I run a headless browser fingerprinting project and have found that URLs that I only fetched via BrightData have subsequently had fetches by Anthropic's Claudebot.

I think most likely an attacker who has the customer data is using Claude to analyse it.

▲

nurettin 9 hours ago | parent [-]

Brightdata? Isn't that the israeli firm formerly called luminati that sells you shady "high quality residential IPs" that you can rotate to scrape the web?

▲

timpera 9 hours ago | parent | next [-]

Yes, that's the one. Their residential IPs service is one of the best ones, but their "ethically sourced proxies" claim seems dubious at best.

	▲	preinheimer 2 hours ago \| parent \| next [-]
		There was a research paper several years ago showing that the "residential IP" stuff is powered by botnets and compromised devices. Luminati is specifically called out. Paper: https://xianghang.me/files/resi_paper.pdf Medium Article: https://medium.com/@xianghangmi/resident-evil-understanding-...
	▲	bright2026 7 hours ago \| parent \| prev [-]
		Historically, their residential proxies came from backdoored proxies of HolaVPN users.

▲

jstanley 9 hours ago | parent | prev | next [-]

Yes. Their hosted browser service is one of the best ones out there.

▲

ikidd 7 hours ago | parent | prev [-]

Now I remember these scumbags. Hijacked HolaVPN I think.