And it happened again from a big tech company. After Facebook, now Google has come in the same line as the later. Google said in a statement that since 2005, some of the passwords of G Suite users were stored in plaintext. It is not clear how many users were affected but, it is indeed not good on Google’s part.
Google vice president of engineering Suzanne Frey, stated that;
We recently notified a subset of our enterprise G Suite customers that some passwords were stored in our encrypted internal systems unhashed. Our authentication systems operate with many layers of defense beyond the password, and we deploy numerous automatic systems that block malicious sign-in attempts even when the attacker knows the password.
In addition, we provide G Suite administrators with numerous two-step verification (2SV) options. We take the security of our enterprise customers extremely seriously, and pride ourselves in advancing the industry’s best practices for account security. Here we did not live up to our own standards
The password was typically mixed up with algorithms to prevent human to read them. But, in April, Google came across this issue after implementing password setting and recovery for its enterprise.
Suzanne Frey added;
No consumer Gmail accounts were affected by the security lapse. To be clear, these passwords remained in our secure encrypted infrastructure. This issue has been fixed and we have seen no evidence of improper access to or misuse of the affected passwords. This issue has been fixed and, again, we have seen no evidence of improper access to or misuse of the affected passwords.
After Facebook, Google is another tech giant that has admitted to storing user password in plaintext. Moreover, the belief in such tech giants maintaining and securing our private data is strongly affected and in one or the other way these companies are always in news for the poor data security.