Google is struggling with a security flaw in G Suite caused by a password storage problem.
“Both Google administrators and people outside the company can access passwords.”
According to technological statements, the bug has only affected a small number of users, mainly business and corporate accounts, which are usually exposed to more specific risks.
Normally, Google stores passwords on its servers through a cryptographic process called “hash”. However, when G Suite users request password recovery, the system stores the passwords in a control panel infrastructure, in a format known as plaintext.
Plaintext is an unencrypted storage format similar to that used in Windows notes (.text). Through this format, both Google administrators and people outside the company can access passwords, exposing the privacy of users.
So far Google has suspended those functions that registered the passwords in plaintext. However, the bug has not yet been completely eliminated.
This is not the first time that an error of this type has occurred. In the past, Twitter and Facebook had already faced data storage problems in plaintext.
The common problem is that, initially, many apps and websites used basic security systems where the information was not necessarily encrypted.
This situation has led to large technology corporations, such as Google or Facebook, suffering frequent security breaches and violations of storage systems.
For many users it is worrisome that their data are accessible to the public and that they are not properly protected by cybersecurity systems.
The negligence of the great technicians in the care of the personal data of its users continues to be one of the main problems of today and until companies do not decide to repair their past mistakes, more leaks and exposures will continue to occur.