Beware of data seepage on Google Calendar

Beware of data seepage on Google Calendar

Summary: If you use Google Calendar to set up corporate meetings or private conference calls, you might want to be careful about how that data is available to the rest of the world.

TOPICS: Google
If you use Google Calendar to set up corporate meetings or private conference calls, you might want to be careful about how that data is available to the rest of the world.

Here's an example of the kind of information that leaks out via Google Calendar's public search feature:
  • Go to Google Calendar
  • In the search box, type in "moderator passcode"
  • Click on Search Public Events
That's just one basic example of a search query that returns potentially sensitive corporate information that could be used by competitors or others for nefarious purposes.

Now, if that search query is expanded for specific terms (use your imagination) and aimed at specific targets (again, use your imagination), the Web-based calendar becomes a gold mine for sensitive data.

I've found information (including e-mail addresses, phone numbers, passcodes and links to supporting documents) in public calendars maintained several well-known corporate entities.  

From sales calls to internal department meetings to conference calls with potential clients, the information is all there, available to anyone with an Internet connection.

Google Calendar does offer the user the ability to keep your entries private.  You should use it if you value your data.

* More from RSnake and Robert McMillan.

Topic: Google

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Best Joke of the day

    Homeland Security is really good with securing data.
  • This is the problem...

    Google Calendar is very useful tool. Like all tools it is important to learn how to
    use them properly. I must say it is slightly surprising that a person in an IT
    position would be a participant in this 'leak' for lack of a better term.

    Google Calendar settings are easy to use and we here at the Calgoo office default
    our business calendars to private. That way there is a number of steps one must
    go through to make a calendar public, and thus very hard to do by accident.

    Perhaps the instructions / best practices are the needed improvement points here.
    Google did not cause an information leak - there was just a problem with the user
    not knowing how to use the settings.

    - Calgoo
    • The problem is the default settings is public

      But, since Google is an advertizingand search driven company, of course they would default everytning to be available to its voracious search engine.

      If they really wanted to provide a service that is useful to people who just want to set up a calendar they can share with friends and their desktop calendar application, they would make the default private. But then there goes that revenue!

      However, for corporations to use Google Calendar for business purposes, they should have practiced due diligence in researching default settings and their consequences.

      Blame goes both ways here.
      Confused by religion
    • Hey wait a second

      Where's all the Google and Linux apologists around here?

      hmm, I suppose I'll go check out some of the Microsoft stories on ZD Net today. That's probably where I'll find them :)
  • Remember

    The reason one uses Google mail or calendar is to get information out to the net. One needs to remember what it's for (which is NOT to keep your infomation to yourselves).