Numerous data security breaches were identified years later.
As a result of leaks and data security issues that occurred at Google over the past six years, personal data of users, including children, was affected. According to an internal database of the company obtained by journalists of the publication 404 Media, among the identified incidents were cases of collecting voice data of children, leaks of home addresses of users, as well as recommendations on YouTube based on deleted browsing history.
Each of the incidents individually, most of which have not previously been reported publicly, can affect a relatively small number of people. Overall, however, the merged database shows how one of the most powerful and important companies in the world manages a staggering amount of sensitive data and often mismanages it.
So, in one of the identified incidents that occurred back in 2016, the Google Street View system began to save car license plate numbers en masse, taking them, allegedly by mistake, for plain text. The incident was soon resolved, and the data obtained was then deleted, however, in fact, the company for some time collected the data that it was not authorized to collect.
In another incident, the site "Socratic[.]org", acquired by Google, accidentally made public more than a million email addresses of users, including children. In the same leak, geolocation data and IP addresses of some users were available. The problem was also fixed, but the data could be secretly exploited by attackers for a whole year.
In another case, Google's speech recognition service accidentally collected about 1,000 children's voice data, which it also had no right to save. All recorded data was deleted after the error was detected.
In another incident involving Google's cloud service intended for government agencies, the company accidentally transferred its product to the consumer level, which led to a possible data leak outside the United States.
Among other incidents, Google employees identified:
The data obtained by 404 Media was verified by an anonymous source and partially confirmed by Google itself. The latter, by the way, stated that all identified incidents were reviewed and resolved at the time of their discovery. Some of them did not turn out to be real problems or related to third-party services.
Be that as it may, all this underscores the need for users to constantly monitor their information, as well as develop some healthy skepticism and distrust of large corporations. Even if they promise to treat your data carefully, this does not mean that this will actually happen.
As a result of leaks and data security issues that occurred at Google over the past six years, personal data of users, including children, was affected. According to an internal database of the company obtained by journalists of the publication 404 Media, among the identified incidents were cases of collecting voice data of children, leaks of home addresses of users, as well as recommendations on YouTube based on deleted browsing history.
Each of the incidents individually, most of which have not previously been reported publicly, can affect a relatively small number of people. Overall, however, the merged database shows how one of the most powerful and important companies in the world manages a staggering amount of sensitive data and often mismanages it.
So, in one of the identified incidents that occurred back in 2016, the Google Street View system began to save car license plate numbers en masse, taking them, allegedly by mistake, for plain text. The incident was soon resolved, and the data obtained was then deleted, however, in fact, the company for some time collected the data that it was not authorized to collect.
In another incident, the site "Socratic[.]org", acquired by Google, accidentally made public more than a million email addresses of users, including children. In the same leak, geolocation data and IP addresses of some users were available. The problem was also fixed, but the data could be secretly exploited by attackers for a whole year.
In another case, Google's speech recognition service accidentally collected about 1,000 children's voice data, which it also had no right to save. All recorded data was deleted after the error was detected.
In another incident involving Google's cloud service intended for government agencies, the company accidentally transferred its product to the consumer level, which led to a possible data leak outside the United States.
Among other incidents, Google employees identified:
- numerous errors in filters designed to protect children's voice data;
- modifications of customer accounts in AdWords for manipulating affiliate codes;
- leak of home addresses of users of the Waze carpool service;
- unauthorized access to private videos on your Nintendo YouTube account;
- compromise of Google employee payment data through Sabre agency;
- leaked audio data via the Android keyboard.
The data obtained by 404 Media was verified by an anonymous source and partially confirmed by Google itself. The latter, by the way, stated that all identified incidents were reviewed and resolved at the time of their discovery. Some of them did not turn out to be real problems or related to third-party services.
Be that as it may, all this underscores the need for users to constantly monitor their information, as well as develop some healthy skepticism and distrust of large corporations. Even if they promise to treat your data carefully, this does not mean that this will actually happen.
