Google Groups misconfiguration leads to sensitive data leaks

Zeljka Zorz reports:

If your employees are using Google Groups to discuss issues and ideas, you might want to check whether the sharing setting for these groups is set to “Private”.

According to RedLock researchers, many companies fail to do so, most probably by accident, and end up exposing messages containing sensitive information on the internet.

By searching for publicly exposed Google Groups within the top 1,000 most visited websites on Alexa, the researchers found hundreds of them, containing information such as PII, employee salary details, customer passwords, and so on.

Read more on HelpNetSecurity.

About the author: Dissent