Brian Krebs reports: Google is reminding organizations to review how much of their Google Groups mailing lists should be public and indexed by Google.com. The notice was prompted in part by a review that KrebsOnSecurity undertook with several researchers who’ve been busy cataloging thousands of companies that are using public Google Groups lists to manage customer support and in some cases sensitive internal communications. Google Groups is a service from Google that provides discussion groups for people sharing common interests. Because of the organic way Google Groups tend to grow as more people are added to projects — and perhaps given the ability to create public accounts on otherwise private groups — a number of organizations with household names are leaking sensitive data in their message lists. Many Google Groups leak emails that should probably not be public but are nevertheless searchable on Google, including personal information such as passwords and financial data, and in many cases comprehensive lists of company employee names, addresses and emails. Google has outlined instructions on how to secure the discussion boards.
of this story at Slashdot.
Source:: Slashdot