Google Accidentally Leaked 283,000 Website Owners’ Personal Details

Reports said the fault first appeared back in mid-2013 but it has only recently been discovered and fixed.

The error was identified by security researchers at Cisco.

Craig Williams, senior technical leader for Cisco’s Talos research group who discovered the issue, said he stumbled across the problem last month while doing research on domains associated with malware.
Cisco Talos said the vulnerability affects websites registered via Google Apps for work, using the registrar eNom.

The privacy breach involves whois, a database that contains contact information for people who have bought domain names.

The owners of the websites in question had all opted into “WHOIS privacy protection,” which means owners can elect to make information private, often by paying an extra fee. So if someone WHOISes — or queries — the website, the personal details of the individual who registered it are hidden.

Nearly 306,000 websites domains were registered this way but Cisco found that 282,867 or 94% of them have had their personal details unmasked due to a fault in Google’s code.


By Harry

2 thoughts on “Google accidentally leaked WHOIS information of 283 thousand website owners details”
  1. Oh this is a very big mistake. Privacy protection exists for a reason. People need to learn to have fake whois and then use privacy protection as well as a double security layer.

Comments are closed.