Tue, Jan 23 2007 13:10 Don

Google antiphishing site exposes private user data

Google has removed a few user names and passwords posted inadvertently to a phishing blacklist it compiles and makes publicly available on the Web, the Mountain View, California, company said Monday.

The login information was contained in 15 URLs submitted through Google's Firefox toolbar, which lets users report Web pages they suspect to belong to phishing sites. Most of the URLs on the list didn't have login information.

Google said it also has implemented a mechanism that detects when a submitted URL contains login data and prevents that information from getting posted to the list.

"We are in the process of notifying the users who inadvertently disclosed this information and suggesting that they reset associated passwords," Google said in an e-mailed statement.

InfoWorld 

 

Filed under: