Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

Google’s major security hole

The breach allowed the email address of any person signed into a Google account to be accessed.

A MAJOR GOOGLE security hole that allows a person’s email address to be accessed has been uncovered, according to TechCrunch.

The breach allowed the emails address of “anyone already signed into Google” to be accessed, according to the report.

The man who uncovered the security issue was using the site http://guntada.blogspot.com (which has now been taken down) to ‘harvest’ the emails of people signed into a Google account. The man, identifed as Vahe G, told TechCrunch that he tried to contact Google but they would not respond to his emails.

Google says the issue is now resolved:

We quickly fixed the issue in the Google Apps Script API that could have allowed for emails to be sent to Gmail users without their permission if they visited a specially designed website while signed into their account. We immediately removed the site that demonstrated this issue, and disabled the functionality soon after. We encourage responsible disclosure of potential application security issues to security@google.com.

Readers like you are keeping these stories free for everyone...
A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article. Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.

Close
JournalTv
News in 60 seconds