Categories: OutsourcingProjects

Google Staff Data Is Exposed After Email Mishap

Staff at Google have had their personal details exposed after another vendor accidentally leaked their data in an email mishap, highlighting data privacy concerns when confidential data is outsourced to a third party.

The idenity of the “third party vendor” in question is not known, nor has the number of impacted Google staff been disclosed.

What we do know is that Google alerted its staff to the data breach on Monday after an email containing the sensitive information was sent from the unnamed company, to another company. Google posted a copy of the staff letter on the Californian Attorney General’s website.

Email Mishap

“We recently learned that a third-party vendor that provides Google with benefits management services mistakenly sent a document containing certain personal information of some of our Googlers to a benefits manager at another company,” Teri Wisness, Google’s director of US Benefits said in the letter.

“Promptly upon viewing the document, the benefits manager deleted it and notified Google’s vendor of the issue. After the vendor informed us of the issue, we conducted an investigation to determine the facts.”

Personal data that has been leaked includes Google staff names and social security numbers.

Thankfully, Google said that no other information about its staff or their benefits was leaked, and neither was any information regarding dependants or family members of Google staff.

“We have no evidence that any of your information has been misused as a result of this incident, and computer access logs indicate that no other individuals viewed your information before it was deleted,” added Wisness. “In addition, the benefits manager has confirmed that she did not save, download, disclose or otherwise use the information contained in the document.”

Wisness said Google regretted that incident had occurred, and is “working with the vendor to help ensure that this type of issue does not happen again.”

Google staff were offered two years of free identity protection and credit monitoring services and also sent a federal reference guide with more advice and were told where they could access free credit reports.

Outsourcing Privacy?

The Google incident reveals the potential safeguarding headaches for companies when they opt to outsource internal processes that utilise sensitive data.

Companies of course can take steps to protect their data internally, but data can be compromised when a third party vendor is involved. Many experts recommend detailing the data safeguarding requirements in the contract or service level agreement (SLA).

Tripwire earlier this year revealed the top five data privacy mistakes businesses make. Mistakes include failure to encrypt the data, not securing access paths, and not monitoring or controlling simple misconfigurations.

Think you know all about privacy? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

OpenAI In Talks With California Over For-Profit Shift

OpenAI reportedly begins early talks with California attorney general over complex transition from nonprofit to…

2 hours ago

EU To Assess Apple’s iPad Compliance Plans

European Commission says it will review Apple's iPad compliance with DMA rules as it seeks…

2 hours ago

James Dyson Says ‘Spiteful’ Budget Will Kill Start-Ups

James Dyson delivers most high-profile criticism so far of Labour's first Budget that raises £40bn…

3 hours ago

Nvidia, Meta Ask Supreme Court To Axe Investor Lawsuits

Nvidia, Meta bring cases before US Supreme Court this month seeking tighter limits on investors'…

3 hours ago

Nvidia To Replace Intel On Dow Jones Industrial Average

Nvidia to replace Intel this week on Dow Jones Industrial Average after years of turmoil…

4 hours ago

Toyota-Backed Joby Flies ‘Air Taxi’ In Japan

Joby Aviation and Toyota Motor complete demonstration flight in Shizuoka as companies prepare to bring…

4 hours ago