21 votes

The leak of an internal Google database reveals thousands of potential privacy and security issues reported by employees

Posted June 3 by shiruken

Tags: google, privacy, security.cyber, leaks.data, databases, business, work, employees, author.joseph cox, source.404media, short read

https://www.404media.co/google-leak-reveals-thousands-of-privacy-incidents/

Link information

This data is scraped automatically and may be incorrect.

Title: Google Leak Reveals Thousands of Privacy Incidents
Published: Jun 3 2024
Word count: 287 words

4 comments

[2]
CannibalisticApple
June 3
Link
The headline sounded so alarming to me, but reading it feels like it's not as bad. Most of the incidents are small glitches, bugs, accidents, etc., including issues with third-party vendors and...

The headline sounded so alarming to me, but reading it feels like it's not as bad. Most of the incidents are small glitches, bugs, accidents, etc.,
including issues with third-party vendors and thus not a direct fault of Google. It seems to just be a standard database logging all reports for record-keeping purposes.

With how massive Google is, I'd expect things to slip through the cracks because there's never a perfect software rollout right off the bat. People are fallible, and it's easy to miss some issues in initial testing. What matters to me is the response, and it sounds like Google does its best to fix issues quickly once brought to their attention. I think the fact the database is so extensive is probably a good thing, since it shows they have a process for employees to report issues so they can address them.

Though the Google employee leaking the Nintendo videos is pretty crazy. Was wondering how it could be ruled "probably unintentional", but looks like the employee wanted to share the news privately with a friend rather than leaking it to the internet themselves. Still a breech, but I guess in the grand scale of things it's a minor one.

12 votes
1. Wes
  June 3
  Link Parent
  I'm impressed by the process too. So much of corporate culture is based around the idea of Covering Your Ass, but here they have a process for reporting incidents to address them quickly, and to...
  
  I think the fact the database is so extensive is probably a good thing, since it shows they have a process for employees to report issues so they can address them.
  
  I'm impressed by the process too. So much of corporate culture is based around the idea of Covering Your Ass, but here they have a process for reporting incidents to address them quickly, and to prevent them from recurring. Based on 404's own reporting, the incidents were typically addressed by deleting the data and logging the failing.
  
  I suspect the majority of large companies would prefer instead to erase all evidence of wrongdoing, rather than use it as an opportunity to improve. I'm honestly surprised that this process can even work at a company of this size.
  
  6 votes
shiruken (OP)
June 3
Link
Archive.is link for anyone that doesn't want to sign in/up

Archive.is link for anyone that doesn't want to sign in/up

5 votes
shiruken (OP)
June 3
Link
Related story: Google Contractor Used Admin Access to Leak Info From Private Nintendo YouTube Video (Archive.is link)

Related story: Google Contractor Used Admin Access to Leak Info From Private Nintendo YouTube Video (Archive.is link)

4 votes