It seems like tech giants don’t care about user’s privacy and safety. After Facebook, now it’s Google which has stored passwords in the form of plain text. On Tuesday, the tech giant disclosed a bug that left G Suite Enterprise’s passwords stored inappropriately for more than a decade. The flaw could have allowed Google employees to obtain credentials. Google disclosed the news through a blog post according to which the bug existed since 2005. The company assures that nobody has accessed and misused the crucial data. Besides, it is resetting passwords in that case and notifying administrators of G Suite about the glitch.
G Suite is an enterprise version of Gmail and Google’s other apps. It offers various tools, software and products developed by Google. Suzanne Frey, Google Cloud Trust’s vice president of engineering, said the bug hits only business users. Thus, the flaw will not affect users who are using the Google suite for free. The Google executive noted they are conducting a detailed investigation in case of G Suite. Frey stated the passwords remained safe in their secure encrypted infrastructure. Google has tracked the bug identified today to a tool developed in 2005. At the time, the widget allowed administrators to set passwords for new employees. But the application was faulty. Besides, the passwords stored using the tool were encrypted but did not use the hashing algorithm.
Google is not a single company to report data leak; other companies like Facebook, Instagram, and Twitter are also present in the queue. Publicly available database revealing credentials of Instagram influencers is the latest example of carelessness. Even Twitter reported the case back in March. At the time it recommended all 330 million users to change passwords. On the other hand, Facebook stored hundreds and millions of passwords as plain text which remained vulnerable to its employees.