Sensitive Internal Data of Over 10,000 Firms Likely Leaked Due to Google Groups Misconfiguration

A misconfiguration in Google Groups is believed to have leaked the sensitive data of numerous organisations. Companies using G Suite are offered access to Google Groups, which is a web forum product that provides a common platform for groups to communicate and discuss topics.

According to security researchers at Kenna Security, over 10,000 organizations, including Fortune 500 companies, universities, hospitals, newspapers, television stations and even some U.S. government agencies are leaking some form of sensitive data at the moment due to a widespread misconfiguration in Google Groups.

“While investigating the issue, the team conducted a broad survey of 2.5 million domains, looking for configurations that were publicly exposed,” Kenna security researchers wrote in a blog. “After finding 9637 exposed organizations, the team utilized a random sample of 171 public organizations – enough to provide an affected count to a 90% confidence level. In doing so, the researchers determined that there were nearly 3000 leaking some form of sensitive data.

Read more at Cyware.

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

Leave a Reply