AI工具“沉浸式翻译”被曝泄露隐私，用户保单、合同遭公开

Core Viewpoint - The AI translation plugin "Immersive Translation" has been reported to have privacy leakage risks, as translated content can be publicly accessible online, potentially exposing sensitive information such as business contracts and personal records [1][2][6]. Company Overview - "Immersive Translation" is developed by Shanghai Shitongwen Network Technology Co., Ltd. and provides translation services for web pages and documents using AI models like ChatGPT, DeepSeek, and Gemini. The plugin has been available since October 2022 and has over 3 million users on the Edge browser alone [2][3]. Incident Details - Users reported that the snapshot sharing feature of "Immersive Translation" lacked necessary security measures, allowing sensitive translated content to be indexed by search engines. This included business contracts, internal documents, and personal information [2][6][8]. - The company acknowledged the issue on August 9, stating that the snapshot feature would be temporarily taken offline until a robust privacy protection mechanism is established [3][6]. Security Concerns - Experts noted that the incident was not a data security breach but rather a flaw in the feature itself, highlighting the lack of necessary security protections for translated results and insufficient user warnings regarding the sharing of sensitive content [9]. - Historical precedents exist where online translation services have led to data leaks, emphasizing the need for caution when translating sensitive documents [9]. Recommendations for Users - Users are advised to be cautious when using translation services for sensitive content and to consider local deployment of translation models to mitigate risks. They should also review their sharing practices and take remedial actions if they have shared sensitive information [9][10].