G Suite of Google stored passwords in plain text
Google has notified G Suite users and administrators that it had stored plain text passwords since 2005, due to a failure in the platform's administration console. G Suite, formerly Google Apps, is a collection of productivity and collaboration tools designed for corporate users.
The company has clarified that this security flaw has only affected business users, so users of the free version have not been affected.
The credentials, Google explains, remained on its encrypted servers. The problem has been fixed and no evidence of misuse of the affected passwords has been found.
References:
- 21/05/2019 cloud.google.com Notifying administrators about unhashed password storage
- 21/05/2019 bleepingcomputer.com Google Stored Unhashed G Suite Passwords for Over a Decade
- 22/05/2019 databreachtoday.com Google Stored Unhashed G Suite Passwords for Years
- 22/05/2019 genbeta.com Google almacenó contraseñas en texto plano desde 2005