Companies Exposing Messages from Google Groups due to Improper Configuration
The RedLock CSI team has discovered hundreds of Google Groups that have publicly exposed messages containing sensitive information. The Google Groups misconfiguration has led to the exposure of sensitive data such as personally identifiable information (PII) at hundreds of organizations.
The problem is occurring because many organizations are accidentally choosing “Public on the internet” under “Outside this domain – access to groups” during configuration. Google says that users should set this instead to “Private.”
Return To Article
