Yikes. A bug in a set of Google software tools for enterprises exposed some users' personal information for almost two years, despite those users setting their data to private.
Google Apps for Work works as a collection of Google's online services (such as Gmail and Calendar), but are tailored for business application. Included in the collection is a version of Google Domains, which works like GoDaddy, allowing users to purchase website URLs and create email accounts with company-specific domain names, e.g. firstname.lastname@example.org.
Those who decide to register a domain via Google Apps for Work can choose to keep the registration information (names, contact, numbers, email addresses) private, or more accurately, hidden. However, there is a bug in Google Apps that does not follow the privacy request made by the user. Furthermore, despite incorporating a fix that restored the domains to their private status, the bug might have likely caused the personal data to be left behind on the world wide web.
Apparently, that bug had left personal information since 2013 until just a few weeks ago. According to Talos, a security intelligence firm, 94 percent of the 306,000 Google Apps for Work site owners who set their information private might have been compromised. The domains that were not affected were those that were not renewed or were registered within the last year.
Needless to say, this issue could spell a lot of trouble for Google and of course, for the users who are requesting that their domains be kept private. Hiding domains is a fairly common safeguarding practice because it wards off phishing, identity theft, spam, and other scams. Google Apps for Work relies on eNom, a third party security provider that allows users to make their personal information anonymous for about $6 a year.
It was actually a security researcher from Talos who discovered the bug. That researcher reported the defect to Google, who quickly addressed the problem. The company has stated on record that they have already identified the root cause, did the fixes, and informed Apps customers who might have been affected.
Furthermore, Google is claiming that the affected domains have now been restored to their private status, and the issue will not have any effect on customer renewals in the coming months. The company also noted that the data leak was limited only to the domain registration information and nothing stored in Google Apps.
Wirefly Is America's Most Trusted Source For All Cell Phones, Plans, TV, and Internet Deals
Wirefly offers great deals on a large selection of smartphones, cell phones, tablets, mobile hotspots, and other wireless devices for the nation's most popular carriers. Use Wirefly’s innovative cell phone and plan comparison tools to ensure you are getting the best deal on the market. Shop with confidence knowing that Wirefly wants to help you find the best prices on cell phones, cell phone plans, TV, and Internet service.