Your Google Calendar Settings May Be Sharing Your Info - Olmec Skip to main content

Your Google Calendar Settings May Be Sharing Your Info

By September 25, 2019May 16th, 2022Technology News

Twelve years ago, Google introduced a new feature to Google Calendar that allowed users to share their calendars with others.  It’s a great feature and invaluable in a corporate environment because it gives teams an easy way to collaborate.  Google itself even touted the “make it pubic” feature of their calendar as being a cool way to use their search engine to discover upcoming events.

Unfortunately, as with most things, there’s a potential downside.  Recently, a security researcher named Avinash Jain discovered more than 8,000 publicly accessible Google Calendars, searchable via Google’s own search engine.  Many of these calendars contain sensitive information (which is bad enough), but worse, they allow any user to add new events that can cause real harm to the system hosting the calendar. This is done via maliciously crafted events or poisoned links.

As Avinash Jain reports:

“I was able to access public calendars of various organizations leaking out sensitive details like their email IDs, their event name, event details, location, meeting links, zoom meeting links, google hangout links, and much, much more.

This is more of an intended setting by the users and intended behavior of the service. The main issue however, is that anyone can view anyone’s public calendar, add anything on it – just by a single search query without being shared the calendar link.

Jain goes onto say that several calendars belonging to many of the top 500 Alexa company’s employees were made public, which is certainly cause for concern.

This most recent finding adds to the chorus already warning of the dangers of calendar sharing.  Just a few months ago, researchers from Kaspersky Lab discovered scammers abusing Google Calendar in a variety of ways. For example, there were phishing scams that contained poisoned links masquerading as google calendar event links.

Stay vigilant and be sure you have all employees check their Google Calendar security settings so you’re not revealing more than you intended to.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.