Researchers at cloud security firm RedLock believe hundreds of organizations may be exposing highly sensitive information by failing to properly configure Google Groups.
Google Groups is a service that allows users to create and take part in online forums and email-based groups. When a group is configured, its creator has to set sharing options for “Outside this domain – access to groups” to either “Private” or “Public on the Internet.”
RedLock’s Cloud Security Intelligence (CSI) team noticed that many Google Groups for Business users have allowed access to their groups from the Internet, and in some cases the configuration error has resulted in the exposure of sensitive information.
