A misconfiguration in Google Groups is believed to have leaked the sensitive data of numerous organisations. Companies using G Suite are offered access to Google Groups, which is a web forum product that provides a common platform for groups to communicate and discuss topics.
According to security researchers at Kenna Security, over 10,000 organizations, including Fortune 500 companies, universities, hospitals, newspapers, television stations and even some U.S. government agencies are leaking some form of sensitive data at the moment due to a widespread misconfiguration in Google Groups.
“While investigating the issue, the team conducted a broad survey of 2.5 million domains, looking for configurations that were publicly exposed,” Kenna security researchers wrote in a blog. “After finding 9637 exposed organizations, the team utilized a random sample of 171 public organizations – enough to provide an affected count to a 90% confidence level. In doing so, the researchers determined that there were nearly 3000 leaking some form of sensitive data.
Read more at Cyware.