Oops! Google Accidentally Leaked A Ton Of Info People Paid To Keep Private

Photographed by Jessica Nash
Sometimes, you do everything right to protect yourself from the evils out there, and some glitch in the matrix still gets you. Take, for instance, the roughly 280,000 people or businesses who registered their website domains with Google Apps and chose to keep their personal information hidden via eNom. They did this because otherwise, by searching WHOIS, anyone can see the name, email address, physical address and phone number of the person who registered the domain. For about $6 a year, eNom is supposed to keep that info hidden. Except it didn't.

According to Cisco's Talos security research group (via ArsTechnica.com), beginning in 2013, that private info began leaking out for every domain that was renewed. Oops. It took two whole years for someone at Cisco to discover the leak, on February 19, this year. Five days later, Google had fixed the problem (something to do with how their data was put into eNom's interface). But, it wasn't until two weeks after the discovery that Google actually bothered to email customers about what went down.

What does this all mean? On the plus side, as Cisco says, some of the owners of problematic sites (federalbureauinvestigation.com, hfcbankonline.com) may have been identified, so authorities can get to them. On the minus, everyone else who had legitimate reason to protect themselves wasn't. Phishing scams can use your address, phone number and email to get you to divulge other crucial information, so they can access your banks or your identity. Also, all that spam.  

The problem has been fixed, but two years of info hanging out there in the open for diligent hackers and identity thieves to grab can't be erased very quickly. Things get cached. Data is saved. Scammers can be very, very patient. If you think any of your information was leaked in this or any other manner, it's time to protect yourself in other ways: Check your credit reports, and be extra careful about what you share with people over the Internet. Also, look both ways before you cross the street. (Ars Technica)
Advertisement