But as recent as the beginning of this month, some of those domains submitted by users included usernames, passwords and other confidential information, web-security vendor Finjan said in a news release.
"After examining the data provided in these files, Finjan found that sensitive user information was available on the web with no access protection, including emails, usernames, passwords and session tokens that could be used by hackers to compromise users’ privacy," said Yuval Ben-Itzhak, CTO of Finjan.
A Google spokesman told SCMagazine.com today that about 15 users were affected.
"We have removed this information from URLs in the blacklist and created a process whereby this information is automatically stripped from future URLs submitted by users," spokesman Barry Schnitt said. "In addition, we notified the users who inadvertently disclosed this information and suggested that they reset associated passwords."
To prevent similar future incidents, Finjan recommends users employ different usernames and passwords for sites they visit and disable URL sharing and forwarding functions.
This latest breach brings to mind an incident last summer in which AOL exposed millions of search queries, many containing personally identifiable information, on a public research website.
Click here to email reporter Dan Kaplan.
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
.png&w=100&c=1&s=0)
Private AI vs Public AI: How your organisation can securely adopt AI without compromise and excessive cost
iTnews Benchmark Security Awards 2025
Digital Leadership Day Federal
Government Innovation Showcase Federal
Government Cyber Security Showcase Federal
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
