Service Google Apps for Work, among other things, allows you to register a domain name on the Internet. Google to register domains through third-party hosts, in particular, the company eNom. Through Google on their eNom domains registered 305,925 users, while users free of charge provided the ability to hide your personal information from WHOIS-service.
Despite this, information about 282,867 domain owners leaked to the Internet. Data leakage was detected by experts from Cisco, and at the moment, Google has removed the problem that led to the "drain" of personal data.
The problem was that eNom takes charge for the protection of personal data at a rate of $ 6 per year.The partnership with Google stipulates that users register their domain names through Google Apps for Work, will have access to this feature for free. But protection system worked only 1 calendar year - with an annual renewals for hosting data protection is not extended automatically.
Corporation for Assigned Names and IP-based ICANN commits to accompany the registration of domain names personal data that are necessary in the case of analysis of claims and disputes. Often form is filled with false data, but this information can lead one to the user.
"The risk is that the people whose information has been made public, may now be in danger as a result of the set due to their domain. For example, now that spammers and scammers will be able to send to victims of phishing emails with their complete set of personal data, which will make deception even more plausible. According herself eNom, also possible theft of personal data. Those who have suffered from leaks, must now carefully use the Internet, and use antivirus and antispam applications" -soobschaet Cisco in its report.
Google has already made a statement about the leak:
"Experts in Security Studies recently discovered vulnerability in Google Apps Integration with eNom. We have found the cause, held activities to eliminate and now early announcement of victims. We apologize for all the difficulties associated with this error".
