Google Security Breach Discloses What Google Knows About You

Barksdale was a Site Reliability Engineer, who had deep access to private accounts spanning multiple Google services.

After AOL user search logs were leaked in 2006 we quickly learned...

By Ruud Hein |

A story broke that Google fired an employee for using his position within the company to gain access to private information.

[…] tapped into call logs from Google Voice […] accessed contact lists and chat transcripts […] unblocked himself from a Gtalk buddy list […]

The fired employee, David Barksdale (27), was a Site Reliability Engineer. SRE’s have almost complete access to Google’s most sensitive user data as they have to be able to troubleshoot problems with the core software that stores this personal information and functions with it.

SRE’s can access this information on-site or from remote locations. Apart from standard machine logging of when what was accessed for how long, ex-SRE’s say there is little or no oversight to ensure access is on a need-to-work basis instead of a want-to-know.

What jumped out at my from the Gawker story though is confirmation of something we all suspected:

[…] with a friend’s consent, he pulled up the person’s email account, contact list, chat transcripts, Google Voice call logs—even a list of other Gmail addresses that the friend had registered but didn’t think were linked to their main account—within seconds.

my emphasis

To me this is a huge one, a chunk of information you normally don’t get that easily.

After AOL user search logs were leaked in 2006 we quickly learned that, yes, you can take this anonymous information, fold it back on itself and extract identifiable information from it.

Read full story here and more here!