wordpress blog stats
Connect with us

Hi, what are you looking for?

Google leaks whois data of 282,000 domains registered through Google Apps for Work


Google has accidentally leaked the complete hidden whois data attached to over 282,000 domains registered through the company’s Google Apps for Work service, reports ArsTechnica. The bug accounted for 94 percent of the addresses Google Apps had registered through a partnership with eNom.

Google partners with various domain registrars to register domains. However, this whois privacy issue only impacted customers with domains at eNom. Essentially, eNom provides whois data shielding for domains owners, publicizing the data only when it receives a court order to do so. However in this case, a bug caused the privacy guard to turn off when a domain name was renewed, leaving customer data exposed.

Whois is a query and response protocol that is used for querying databases that store the registered users of a domain name or an IP address block among other things. In this case, the personal data entered by users during domain registration was publicly displayed through whois queries instead of eNom’s placeholder info.

According to the report, the unmasking started sometime in mid-2013, although the issue was discovered only in February this year. The issue was fixed a week later; however, whois information is cached for archival purposes, and the information that was available can still be discovered and retrieved. No country-wise breakup was provided for the leak, so its not clear which users were affected.

Note that in most cases people do provide false information for most online registrations, and domain registrations are no exception. This makes it hard to predict how many people were really affected by the error, although its noteworthy that eNom is a paid service that charges an additional $6 per year for avoiding exactly the kind of data expose that the company ended up aiding.

After the recent Uber case and the issue that we chased a few months ago about warranties on goods sold online, we had spoken on the responsibility, accountability and liability of platforms, marketplaces and aggregators. We had mentioned then that in cases like these, its not clear who is accountable, the platform or the service? Read more on this here.

Gemalto Saga: Last month, SIM card provider Gemalto admitted that the hacking operation by the NSA and GCHQ did happen between 2010 and 2011. According to the company, India was among the nine countries where mobile operators were targeted. The hacking of Gemalto’s internal network by American and British was based on documents provided by whistleblower Edward Snowden.

Read also:

Cyber Wars: Pakistani firm stealing info from Indian govt & defence establishments

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like


Google has closed its deal to acquire fitness wearables company Fitbit, even as probes by competition regulators in the United States and Australia are...


Google has sent emails to several digital lending mobile applications on its Play Store, requiring their operators to submit details of their regulatory and...


WhatsApp has reiterated in a blog post on Tuesday that the service is end-to-end encrypted and neither it or Facebook can see messages. It...


Links to private WhatsApp group chats have been indexed on Google search results, the Indian Express reported. The exposure was surfaced by security researcher...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2018 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to Daily Newsletter

    © 2008-2018 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ