skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

Google OAuth Flaw Exposes Millions of Accounts to Risks

/ 1 min read

🌐🕳️ Google’s OAuth flaw exposes millions of accounts to potential data breaches. A significant vulnerability in Google’s “Sign in with Google” authentication allows individuals to access accounts of former employees from defunct startups by purchasing their old domains. This issue arises because Google’s OAuth system does not adequately protect against domain ownership changes, enabling unauthorized access to sensitive data across various SaaS platforms. With over 6 million Americans working in tech startups, and 90% of these startups failing, the potential for data compromise is vast, affecting more than 10 million accounts. Although Google has acknowledged the issue and reopened a vulnerability ticket, a definitive fix has yet to be implemented, leaving many users’ data at risk.

Source
{entry.data.source.title}
Original