Even companies that are normally quite good at providing security for their users occasionally wind up with egg on their faces.  Google is a classic case in point, in this instance.  Recently, the company announced that a bug in an older segment of their GSuite code base resulted in the recent discovery that the company had been storing customer passwords in an encrypted but un-hashed form for more than a decade.

Somehow, this bug managed to go undetected for a staggering fourteen years.  On discovering it, the company immediately corrected the issue, so there's nothing for GSuite users to do at this point. Although, the company is recommending that all GSuite Enterprise customers immediately change their passwords just to be safe.

The company also notes that only GSuite Enterprise customers were impacted.  If you're just a regular Gmail user, your password was not exposed in the manner described above.  Google's official statement about the matter reads, in part, as follows: "To be clear, these passwords remained in our secure encrypted infrastructure.  The issue has been fixed and we have seen no evidence of improper access to or misuse of the affected passwords."

This is the second time in recent months that the company has found itself dealing with issues of exposed passwords in systems that were thought to be highly secure.  Again, this is proof positive that even the largest companies with generally good reputations where security is concerned can misstep.

GSuite Admins have been notified and instructed to reset all user passwords that had been set using the old tool. If you're one of the impacted users, odds are excellent that this has already been done.   If you're not sure, take the time to query your IT staff just to be sure that base is covered.

Be sure to download our free report - The Top 10 Ways Hackers Get Around Your Firewall And Anti-Virus To Rob You Blind by filling out the form on this page.

Want to receive more security tips? Sign up for our Weekly Security Tips to receive a new tip in  your email each week!

Used with permission from Article Aggregator