Skip to main content

Google Bug Exposed Passwords For Some GSuite Enterprise Customers

By June 12, 2019May 17th, 2022Cybersecurity

Even companies that are normally quite good at providing security for their users occasionally wind up with egg on their faces.  Google is a classic case in point, in this instance.  Recently, the company announced that a bug in an older segment of their GSuite code base resulted in the recent discovery that the company had been storing customer passwords in an encrypted but un-hashed form for more than a decade.

Somehow, this bug managed to go undetected for a staggering fourteen years.  On discovering it, the company immediately corrected the issue, so there’s nothing for GSuite users to do at this point. Although, the company is recommending that all GSuite Enterprise customers immediately change their passwords just to be safe.

The company also notes that only GSuite Enterprise customers were impacted.  If you’re just a regular Gmail user, your password was not exposed in the manner described above.  Google’s official statement about the matter reads, in part, as follows: “To be clear, these passwords remained in our secure encrypted infrastructure.  The issue has been fixed and we have seen no evidence of improper access to or misuse of the affected passwords.”

This is the second time in recent months that the company has found itself dealing with issues of exposed passwords in systems that were thought to be highly secure.  Again, this is proof positive that even the largest companies with generally good reputations where security is concerned can misstep.

GSuite Admins have been notified and instructed to reset all user passwords that had been set using the old tool. If you’re one of the impacted users, odds are excellent that this has already been done.   If you’re not sure, take the time to query your IT staff just to be sure that base is covered.

Chris Forte

Chris Forte, President and CEO of Olmec Systems, has been in the MSP workspace for the past 25 years. Chris earned his Master’s Degree from West Virginia University, graduating Magna Cum Laude. He was a past member of the Entrepreneurs’ Organization, a current member of the New Jersey Power Partners and Executive Association of New Jersey, where he has previously served on its board of directors. In his spare time, Chris enjoys traveling with his family. He also admits to being a struggling golfer and avid watcher of college football and basketball. He currently lives in Boonton Township, NJ with his wife, two daughters, son, and black lab Luna.