Data Exfiltration Risk Found in ChatGPT for Google Sheets

A security analysis has revealed that the ChatGPT for Google Sheets extension, widely used for AI-assisted data processing, contains a vulnerability that could enable data exfiltration of entire workbooks. Researchers at PromptArmor, an advocacy-focused security firm, documented the flaw in a report published Wednesday. The issue centers on how the extension handles user data within the Google Sheets environment.

This vulnerability is significant because many organizations rely on this extension for automating spreadsheet tasks, often storing sensitive business information in those workbooks. The discovery underscores a growing concern around third-party AI add-ons for productivity suites, where convenience can come at the cost of security. PromptArmor's report suggests that the design of the extension's API interactions with the large language model exposes data retrieval methods.

While the report did not disclose exact exploitation metrics, it detailed a proof-of-concept attack that could siphon data without the user's knowledge. The researchers stated that the extension's permissions model allows it to access the entire spreadsheet, bypassing typical user controls. No specific numbers of affected users or organizations were provided.

The immediate implication is that users should review the extension's permissions and consider disabling it for sensitive documents. Google has been notified of the vulnerability, though no official patch has been issued as of the report's publication. Companies using the tool should enforce stricter data access policies until a fix is rolled out.

PromptArmor recommended that users limit the extension's access to only the specific sheets or cells required for their tasks, rather than granting full workbook access.