Google Has Stored Users' Passwords Insecurely For More Than A Decade

After the ashes from a bunch of privacy scandal from social networks like Facebook and Twitter, the search giant seems to take part in a similar problem. While Facebook and Twitter were once investigated to store their users’ passwords as plaintext in the internal servers, Google also had a bug that could allow its workers to see those login credentials.

On Tuesday, a spokesperson wrote in a blog post to notify its G Suite users about this serious breach. It said their passwords were not encrypted as being stored on Google internal servers. This means anybody who wants to read them was able to do it because it’s completely kept in plain text. Google said it has already notified admins who are affected by the bug as well. The company has found out a separate bug since this January, which was said to keep those passwords insecurely for about two weeks.

In addition, Suzanne also claimed that this bug has not affected anyone who is using the service for free. Instead, those who are using business plans were involved in this privacy issue. However, it remains unclear about the exact number of affected customers.

In its blog post, the company revealed that the bug lasted more than the last 14 years. One of the main reasons that could answer why only enterprise customers got in the trouble could be traced back to 2005. As a result, the tool stored all copies of encrypted passwords.

It’s should be further noted that hundreds of millions of user passwords of other internet giants were exposed for years but it was just discovered a few months ago.