homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Google / Google Finance, Govt, Policy and Business Issues
Forum Library, Charter, Moderators: goodroi

Google Finance, Govt, Policy and Business Issues Forum

Google Admits to User Data Disclosure

 12:45 pm on Jan 23, 2007 (gmt 0)

Google has confirmed that it unwittingly disclosed sensitive login and password information pertaining to more than a dozen users.

The information was disclosed three weeks ago as part of Google's freely accessible anti-phishing blacklist.

Google said in a written statement that the problem has since been fixed, and that procedures have been put in place to strip login information from future submissions.

Google Admits to User Data Disclosure [vnunet.com]



 2:24 pm on Jan 23, 2007 (gmt 0)

When dealing with information in that magnitude, mistakes happen. At least they didn't give it away for a price. And they were quick to plug the leak and do some PR and let the people know. I would be more concerned it was leaked that they purposefully gave it out.


 3:17 pm on Jan 23, 2007 (gmt 0)

URL that contains login data? Huh?


 4:17 pm on Jan 23, 2007 (gmt 0)

I remember reading somewhere that Google does not delete it's data at all, meaning that our entire history and thoughts are essentially there. IMO it's only a matter of time before a major leak occurs.


 4:32 pm on Jan 23, 2007 (gmt 0)

The information was collected when users submitted suspected phishing sites through the Google Toolbar browser extension. Several of the URLs that were submitted also contained login and password information.

Ok, so it wasn't a leak, per se. Users submitted sensitive URLs to Google, and Google automatically published them. I wouldn't really blame Google for that.


 5:35 pm on Jan 23, 2007 (gmt 0)

walkman, you have to be more specific when prophecizing a doomsday for google. A two minute search just revealed several of google's data practices. They vary based on service, but none appear to be as terrible as you suggest.


 8:13 pm on Jan 23, 2007 (gmt 0)

>> A two minute search just revealed several of google's data practices.

I will stand by my "doom and gloom" scenario. Data practices are all fine and dandy, but mistakes do happen, hackers do break in, and most importantly, the police will one day demand them.

For the record: this is not just about Google, it applies to all companies.


 12:01 am on Jan 24, 2007 (gmt 0)

That's why I tend to use screwgle.

If you've searched using Google, and you've had the same broadband connection at home for 2-3 years (and a static IP), there's a good chance GOOG knows what you've been thinking about for the past few years. If you use Adwords or AdSense, GOOG knows what income you make through GOOG (and your credit card and home/billing address). If your business depends heavily on GOOG PPC or natural SERP they could roughly estimate your business income. If you use Gmail, well - they know who you've been talking to.

That described me, and when I realised it, i started reducing my dependency on GOOG. That's why I avoid GOOG checkouts - it's another collection point of my personal info.

Matt Cutts' declaration in response to the DOJ subpoena mentioned that GOOG limits access to different areas of the company on a need to know basis; but this statement seemed to be more to emphasise the proprietary nature of the algo.

As anyone in large companies know, (even in financial services companies), multiple data stores aren't difficult to access. And it takes just one disgruntled employee who leaves the company to wreak havoc.

GOOG isn't to blame though, its our own personal choice as to how much information we give one entity.


 12:16 am on Jan 24, 2007 (gmt 0)

And just because you're paranoid, doesn't mean they're NOT out to get you!


 4:16 am on Jan 24, 2007 (gmt 0)

more than a dozen users

Even a million is more than a dozen. How many users are they talking about?


 5:05 am on Jan 24, 2007 (gmt 0)

More than a dozen usually means less than two dozen.


 9:42 am on Jan 24, 2007 (gmt 0)

Then they should have said 'less than two dozen'.


 3:03 pm on Jan 24, 2007 (gmt 0)

But the point is that it was a very small number of users, and the at-risk population was not Google's entire user base, but only the people who submitted sensitive URLs via the anti-phishing tool.

Global Options:
 top home search open messages active posts  

Home / Forums Index / Google / Google Finance, Govt, Policy and Business Issues
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved