Google OAuth Flaw Exposes Sensitive Data

January 15, 2025
New research has revealed a vulnerability in Google’s “Sign in with Google” authentication system that can be exploited through a quirk in domain ownership. Truffle Security discovered that if an attacker buys a defunct startup’s domain, they could potentially access old employee accounts linked to various applications like Slack, Zoom, and HR systems. While the flaw does not provide direct access to old email data, it enables unauthorized login to a range of SaaS platforms, putting millions of American users’ data at risk.

The vulnerability stems from how Google’s OAuth system uses domain ownership and user email addresses to authenticate users. When an account is closed, its associated domain might be sold or re-registered, allowing an attacker to create new email accounts linked to the same domain. This gives the attacker the ability to access accounts on third-party services, which may store sensitive information like tax documents, social security numbers, and candidate feedback from interview platforms. According to Truffle Security, HR systems, in particular, contained highly sensitive information.

Google initially dismissed the issue as intended behavior, but re-opened the bug report after being informed of its potential impact. As of December 2024, Google awarded the researcher a bounty for the discovery and acknowledged that the vulnerability could cause significant harm. Google has also suggested that users follow security best practices, including deleting user data when an account is closed, to reduce the risk of such breaches. Google also recommended that downstream software providers implement additional safeguards by using unique account identifiers to prevent unauthorized access.

The vulnerability highlights the challenges companies face when managing user data, especially when it involves third-party applications and services. As Truffle Security co-founder Dylan Ayrey points out, once an individual is off-boarded from a startup, they lose control over the security of their accounts. The absence of immutable user identifiers in many systems, like Google’s OAuth, makes it easier for domain ownership changes to compromise user accounts. This issue underscores the need for stronger, more secure authentication practices in the digital age.
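The two paragraphs above describe the mitigation in one sentence: link accounts to a unique, immutable identifier rather than to an email address or domain. The following Python model, added here as an illustration and not taken from Truffle Security or Google, replays the scenario with constructed ID-token claims. The `Account` and `SaaSDirectory` classes, the `acct-42` account, the `sub-…` values and the `defunct-startup.example` domain are all assumptions; the claim dictionaries stand in for the output of ID-token signature verification, which is out of scope here. The `sub`, `email`, `hd` and `email_verified` claim names are the standard ones Google ID tokens carry.

```python
"""
Account linking for a 'Sign in with Google' relying party (added example).

Compares two ways a third-party SaaS app can map a verified ID token to a
local account:
  - login_by_email:   email/domain decide the match (vulnerable to the domain
                      re-registration scenario described in the article)
  - login_by_subject: only the stored `sub` captured at enrolment matches
                      (the unique-identifier safeguard the article recommends)
It also shows the offboarding step (disable and purge) the article mentions.
Every identity, claim and data value below is constructed for illustration.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Account:
    account_id: str
    email: str
    google_sub: str  # Google's stable per-user identifier, stored at first sign-in
    data: dict = field(default_factory=dict)
    active: bool = True


class SaaSDirectory:
    """Account store of a hypothetical third-party SaaS app (constructed)."""

    def __init__(self) -> None:
        self.accounts: dict[str, Account] = {}

    def add(self, acct: Account) -> None:
        self.accounts[acct.account_id] = acct

    @staticmethod
    def _precheck(claims: dict) -> bool:
        # Insisting on a verified address is necessary but not sufficient: after a
        # domain changes hands, the new owner genuinely controls the address.
        return bool(claims.get("email_verified")) and "sub" in claims

    def login_by_email(self, claims: dict) -> Optional[Account]:
        """Weak linking: whoever presents this verified address gets the account."""
        if not self._precheck(claims):
            return None
        for acct in self.accounts.values():
            if acct.active and acct.email.lower() == claims["email"].lower():
                return acct
        return None

    def login_by_subject(self, claims: dict) -> Optional[Account]:
        """Hardened linking: the `sub` stored at enrolment must match exactly."""
        if not self._precheck(claims):
            return None
        for acct in self.accounts.values():
            if acct.active and acct.google_sub == claims["sub"]:
                return acct
        return None

    def offboard(self, account_id: str) -> None:
        """Deprovision on departure: disable the account and purge stored data."""
        acct = self.accounts[account_id]
        acct.active = False
        acct.data.clear()


def domain_takeover_scenario() -> dict:
    """Replay the article's scenario with constructed claims; return outcomes."""
    directory = SaaSDirectory()
    directory.add(Account("acct-42", "alice@defunct-startup.example",
                          "sub-original-1001",
                          data={"tax_form": "W-2 (constructed)"}))

    # The former employee signed in while the startup's Google Workspace existed.
    employee = {"sub": "sub-original-1001", "email": "alice@defunct-startup.example",
                "hd": "defunct-startup.example", "email_verified": True}
    # A later owner of the re-registered domain creates a mailbox with the same
    # address. It is a different Google user, so Google issues a different `sub`.
    newcomer = {"sub": "sub-new-owner-2002", "email": "alice@defunct-startup.example",
                "hd": "defunct-startup.example", "email_verified": True}

    def ident(acct: Optional[Account]) -> Optional[str]:
        return acct.account_id if acct else None

    results = {
        "employee_via_email": ident(directory.login_by_email(employee)),
        "employee_via_sub": ident(directory.login_by_subject(employee)),
        "newcomer_via_email": ident(directory.login_by_email(newcomer)),
        "newcomer_via_sub": ident(directory.login_by_subject(newcomer)),
    }
    # Deleting user data on account closure closes the window even for the
    # email-keyed app, because there is no active account left to reach.
    directory.offboard("acct-42")
    results["newcomer_via_email_after_offboard"] = ident(directory.login_by_email(newcomer))
    results["records_left_after_offboard"] = len(directory.accounts["acct-42"].data)
    return results


if __name__ == "__main__":
    for key, value in domain_takeover_scenario().items():
        print(f"{key}: {value}")
```

Running the scenario shows the difference in one table: the email-keyed lookup hands the old account to the new domain owner, the `sub`-keyed lookup does not, and after offboarding neither lookup reaches anything. The design point is that `sub` is the only claim in the token that identifies the person rather than an address the person happened to control at enrolment.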

Reference:
  • Google OAuth Flaw Exposes Millions to Data Breach Risk via Domain Ownership Change