Google OAuth Flaw Exposes Sensitive Data

January 15, 2025
in Alerts

New research has revealed a vulnerability in Google’s “Sign in with Google” authentication system that can be exploited through a quirk in domain ownership. Truffle Security discovered that if an attacker buys a defunct startup’s domain, they could potentially access old employee accounts linked to various applications like Slack, Zoom, and HR systems. While the flaw does not provide direct access to old email data, it enables unauthorized login to a range of SaaS platforms, putting millions of American users’ data at risk.

The vulnerability stems from how Google’s OAuth system relies on domain ownership and user email addresses to authenticate users. When an account is closed, its associated domain may be sold or re-registered, and the new owner can create email accounts on that same domain. Those accounts let the attacker sign in to third-party services, which may store sensitive information such as tax documents, Social Security numbers, and candidate feedback from interview platforms. According to Truffle Security, HR systems in particular contained highly sensitive information.

Although Google initially dismissed the issue, claiming it was intended behavior, the company has since re-opened the bug report after being informed of its potential impact. As of December 2024, Google awarded the researcher a bounty for the discovery and acknowledged that the vulnerability could cause significant harm. Google has also suggested that users follow security best practices, including deleting user data when an account is closed, to reduce the risk of such breaches. They recommended that downstream software providers implement additional safeguards by using unique account identifiers to prevent unauthorized access.

The vulnerability highlights the challenges companies face when managing user data, especially when it involves third-party applications and services. As Truffle Security co-founder Dylan Ayrey points out, once an individual is off-boarded from a startup, they lose control over the security of their accounts. The absence of immutable user identifiers in many systems, like Google’s OAuth, makes it easier for domain ownership changes to compromise user accounts. This issue underscores the need for stronger, more secure authentication practices in the digital age.
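To make the downstream-provider recommendation concrete, here is an added example (not code from the article, Google or Truffle Security) of two account-lookup strategies a SaaS app might use on a Google ID token: matching on the email address, which a new owner of a lapsed domain can reproduce, versus matching on the issuer plus the `sub` claim, which stays tied to the original Google user. The account records and token claims are constructed for the demonstration; the `offboard` step models the "delete user data when an account is closed" advice.

```python
# Added example (not the article's or any vendor's code). Claims and
# account records below are constructed for illustration.
from dataclasses import dataclass
from typing import Optional

ISSUER = "https://accounts.google.com"

@dataclass
class Account:
    account_id: str
    email: str
    issuer: str
    subject: str      # immutable per-user id from the IdP's `sub` claim
    active: bool = True

# Constructed directory: one former employee of a now-defunct startup.
ACCOUNTS = [Account("acct-1", "alice@defunct-startup.example",
                    ISSUER, "100000000000000000001")]

# Constructed ID-token claims. The second token is what a new owner of the
# lapsed domain would obtain by recreating the same mailbox: same email,
# same hd, but a different `sub` because it is a different Google user.
OLD_EMPLOYEE = {"iss": ISSUER, "sub": "100000000000000000001",
                "email": "alice@defunct-startup.example",
                "hd": "defunct-startup.example", "email_verified": True}
NEW_DOMAIN_OWNER = {"iss": ISSUER, "sub": "100000000000000000002",
                    "email": "alice@defunct-startup.example",
                    "hd": "defunct-startup.example", "email_verified": True}

def lookup_by_email(claims: dict) -> Optional[Account]:
    """Weak: keys on email/domain, which a new domain owner can mint."""
    for acct in ACCOUNTS:
        if acct.active and acct.email.lower() == claims["email"].lower():
            return acct
    return None

def lookup_by_subject(claims: dict) -> Optional[Account]:
    """Hardened: keys on (iss, sub), so the re-minted mailbox does not
    resolve to the old employee's account."""
    for acct in ACCOUNTS:
        if (acct.active and acct.issuer == claims["iss"]
                and acct.subject == claims["sub"]):
            return acct
    return None

def offboard(email: str) -> int:
    """Deactivate accounts at offboarding; returns how many were disabled."""
    disabled = 0
    for acct in ACCOUNTS:
        if acct.active and acct.email.lower() == email.lower():
            acct.active = False
            disabled += 1
    return disabled
```

Even with the email-keyed lookup, running `offboard` when the startup winds down closes the window, which is why the article pairs the identifier fix with data deletion.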

Reference:
  • Google OAuth Flaw Exposes Millions to Data Breach Risk via Domain Ownership Change