Google antiphishing site exposes private user data

1777 January 23rd, 2007

Google has removed a few user names and passwords posted inadvertently to a phishing blacklist it compiles and makes publicly available on the Web, the Mountain View, California, company said Monday.

The login information was contained in 15 URLs submitted through Google’s Firefox toolbar, which lets users report Web pages they suspect to belong to phishing sites. Most of the URLs on the list didn’t have login information.

Google said it also has implemented a mechanism that detects when a submitted URL contains login data and prevents that information from getting posted to the list.

“We are in the process of notifying the users who inadvertently disclosed this information and suggesting that they reset associated passwords,” Google said in an e-mailed statement.

InfoWorld 

 


© 2014 DP's Security Bits.
WordPress Theme & Icons by N.Design Studio. Provided by WPMU DEV -The WordPress Experts   Hosted by Microsoft MVPs
Entries RSS Comments RSS Log in