G Suite customers leak internal data via Groups

By on
G Suite customers leak internal data via Groups

Tick a box configuration mistake.

A simple configuration mistake has seen hundreds of companies using Google's G Suite productivity platform publish internal information to the internet, researchers have found.

G Suite provides the Google Groups sharing and messaging service, which was originally designed as a gateway to Usenet newsgroups.

In an advisory [pdf], security vendor RedLock said several companies have allowed outside access to messages posted on their Google Groups forums, potentially exposing sensitive internal data to anyone on the internet.

The information leaked was in some cases sensitive personal data such as employee email and home addresses and phone numbers.

Among the companies listed by RedLock as having exposed private information are IBM-owned The Weather Company and helpdesk provider Freshworks.

Publisher Fusion Media Group, the parent company of well-known sites such as Gizmodo, Lifehacker, The Onion, Kotaku, io9 and others, has also inadvertently leaked organisational data.

Fixing the problem is simple: G Suite customers are advised to change the groups sharing setting to private rather than public, to prevent open slather access to their internal data.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.

Most Read Articles

Log In

Username / Email:
  |  Forgot your password?