Google Workspace Glitch: Hackers Had a Field Day with Email Verification Flaw

Google Workspace had a glaring vulnerability allowing hackers to bypass email verification and impersonate users. Crooks exploited this flaw to sign into third-party services using “Sign in with Google.” Google fixed the issue within 72 hours, but some users claim the problem persisted for months.

3P
Published: July 29, 2024 11:06 amAdded: July 29, 2024 at 4:16 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Well, it looks like Google’s “Sign in with Google” feature was more like “Sign in with Gullible” for a hot minute there. If only hackers could put their creativity into something more productive, like making a better cat meme generator!

Key Points:

  • Google Workspace had a vulnerability in its email verification process.
  • Hackers exploited this to access third-party services using “Sign in with Google”.
  • The flaw allowed the use of one email to sign in and another to verify the token.
  • Google claims to have fixed the issue within 72 hours of discovering it.
  • Reports suggest the flaw might have been exploited for up to two months.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?