A simple configuration mistake has seen hundreds of companies using Google's G Suite productivity platform publish internal information to the internet, researchers have found.
G Suite provides the Google Groups sharing and messaging service, which was originally designed as a gateway to Usenet newsgroups.
In an advisory [pdf], security vendor RedLock said several companies have allowed outside access to messages posted on their Google Groups forums, potentially exposing sensitive internal data to anyone on the internet.
The information leaked was in some cases sensitive personal data such as employee email and home addresses and phone numbers.
Among the companies listed by RedLock as having exposed private information are IBM-owned The Weather Company and helpdesk provider Freshworks.
Publisher Fusion Media Group, the parent company of well-known sites such as Gizmodo, Lifehacker, The Onion, Kotaku, io9 and others, has also inadvertently leaked organisational data.
Fixing the problem is simple: G Suite customers are advised to change the groups sharing setting to private rather than public, to prevent open slather access to their internal data.
_(20).jpg&h=140&w=231&c=1&s=0)
iTnews Benchmark Awards 2026
iTnews Executive Retreat - Security Leaders Edition
iTnews Cloud Covered Breakfast Summit
The 2026 iAwards
_(1).jpg&h=140&w=231&c=1&s=0)
