Leaked Google database affects cars caught on Google Maps, children's privacy, and more

[Aquaman]

Thousands of privacy incidents at Google have been uncovered for the first time.

By Matt Binder  on June 4, 2024

Share on FacebookShare on TwitterShare on Flipboard

 

An internal Google database leak has revealed many privacy incidents at the company for the first time. Credit: Chesnot/Getty Images

---

A new internal database leak has revealed thousands of privacy incidents at Google over a span of six years, many of which had not been publicly known about before.

The Google leak, obtained and first reported on by tech outlet 404 Media, includes a range of privacy issues across a number of Google products that affected a broad user base including children, car owners, and even video-game giant Nintendo.

Leaked Google database reveals significant privacy breaches

The database consisted of privacy incidents reported internally by Google employees in order for the issue to be investigated and fixed. 404 Media received the internal Google database from an anonymous source. The outlet has verified the legitimacy of the leak and Google has confirmed it as well.

“At Google, employees can quickly flag potential product issues for review by the relevant teams," Google said in a statement provided to 404 Media. "When an employee submits the flag they suggest the priority level to the reviewer. The reports obtained by 404 are from over six years ago and are examples of these flags—every one was reviewed and resolved at that time. In some cases, these employee flags turned out not to be issues at all or were issues that employees found in third party services.”

Thousands of privacy incidents are detailed in the Google database. Here are some of the biggest ones.

Childrens' privacy affected

The incident potentially affecting the most users involved Socratic, a homework helper app that Google acquired in 2019. According to the leaked database, more than one million users' email addresses were publicly available on the page source of the Socratic.org website. Furthermore, the emails, along with other sensitive data like IP addresses, were available for any bad actor to scrape for over a year before the issue was addressed. The impacted users included children.

Mashable Light Speed

Want more out-of-this world tech, space and science stories?

Sign up for Mashable's weekly Light Speed newsletter.

Sign Me Up

By signing up you agree to our Terms of Use and Privacy Policy.

In fact, children were found to be affected in a number of these privacy incidents in the Google database. For example, childrens' voices were accidentally being logged in the YouTube Kids app at one point. In a separate incident, one thousand childrens' speech data was recorded and logged in a Google speech service. The database also lists an incident where a filter that was supposed to stop audio recordings feature children was "not correctly applied"