Google – G Suite Users Passwords were Stored in Plain-text Since 2005

G Suite

The search Giant Google has disclosed that a small number of it’s enterprise customers “mistakenly” had their passwords stored in Plain-text.

Google announced on Tuesday via their blog post.They revealed that the G-Suite platform mistakenly stored unhashed passwords of some of it’s enterprise users in plaintext for 14 years.

“We made an error when implementing this functionality back in 2005: The admin console stored a copy of the unhashed password. This practice did not live up to our standards. To be clear, these passwords remained in our secure encrypted infrastructure.”

According to Google,the issues has been fixed and there is no evidence of improper access to the password or misuse of affected passwords.

“This issue has been fixed and we have seen no evidence of improper access to or misuse of the affected passwords.”

G Suite which was formerly known as Google Apps,is a collection of cloud computing productivity and collaboration tools that is designed for cooperate users with email hosting for their business.

Google becomes the latest company to have admitted storing sensitive data in plaintext in the past year. Facebook announced in March that “hundreds of millions” of Facebook and Instagram passwords were stored in plaintext. Twitter and GitHub also admitted similar security lapses last year.

It has been verified that Google has indeed sent Notification to affected customers.According to the notification. Starting from Wednesday May 22, 2019 they will enforce a password change unless it has been changed prior to the time.

G Suite
Notification sent to Affected Users

Google also stated their new Password Update Methodology in the notification sent to affected customers.

 

Total
0
Shares
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
Prev
TeamViewer was Breached by Chinese Hackers in 2016
Teamviewer Hacked

TeamViewer was Breached by Chinese Hackers in 2016

Teamviewer, one of the most popular software in the world that allows users to

Next
Truecaller – Was there a Data Breach on Truecaller?
Truecaller Data breach

Truecaller – Was there a Data Breach on Truecaller?

Truecaller is a caller Id and spam blocker application with over with over

You May Also Like
0
Would love your thoughts, please comment.x
()
x