A simple configuration mistake has seen hundreds of companies using Google's G Suite productivity platform publish internal information to the internet, researchers have found.
G Suite provides the Google Groups sharing and messaging service, which was originally designed as a gateway to Usenet newsgroups.
In an advisory [pdf], security vendor RedLock said several companies have allowed outside access to messages posted on their Google Groups forums, potentially exposing sensitive internal data to anyone on the internet.
The information leaked was in some cases sensitive personal data such as employee email and home addresses and phone numbers.
Among the companies listed by RedLock as having exposed private information are IBM-owned The Weather Company and helpdesk provider Freshworks.
Publisher Fusion Media Group, the parent company of well-known sites such as Gizmodo, Lifehacker, The Onion, Kotaku, io9 and others, has also inadvertently leaked organisational data.
Fixing the problem is simple: G Suite customers are advised to change the groups sharing setting to private rather than public, to prevent open slather access to their internal data.
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
_page-0001.jpg&w=100&c=1&s=0)
Integrate Expo 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
