Limit The Number Of Open Accounts To Limit Work-Related Cyber Exposure

February 4, 2021

Google, LLC will pay $7,500,000 to settle a class action lawsuit over allegations of exposing user data to third parties.

In October and December 2018, Google acknowledged that its Google+ media platform contained software bugs that could potentially expose user data to unauthorized third parties.

Although the number of users affected by the first bug is unknown, the number of users in the U.S. who could have had their account settings exposed by the second bug is estimated to be 10 million.

According to the plaintiffs' motion filed in support of the settlement, user profile information that could have been compromised includes usernames, genders, email addresses, occupations, and places lived. However, the motion noted that there was no evidence that the data had been accessed.

The class action lawsuit was filed in October 2018. Google shut down Google+ in April 2019.

Per the terms of the settlement, each claimant will receive a cash payment of between $5 and $12, depending on the availability of funds. The attorneys will receive up to $1,875,000 plus $200,000 for additional costs. Judy Greenwald "$7.5M settlement reached in Google+ class action suit" businessinsurance.com (Jan. 08, 2020).

Commentary

A simple truth is that the more accounts an employee has, the more likely they are vulnerable. To limit exposure related to work, employers should stress that employees should limit their work-related accounts.

Social media accounts present a unique vulnerability. Employees should avoid accessing personal social media accounts via work devices or networks.                  

If accessing social media is part of an employee’s job, they should create an account on social media sites with a reputation for protecting personally identifiable data.

If accounts exist for business (or personal) that are not used, now is a good time to delete those accounts.

The same holds true for vendor accounts. If employees registered with a vendor and no longer use that vendor, now is a good time to close that account.

Finally, your opinion is important to us. Please complete the opinion survey:

News

Remote Work Is Here To Stay, But So Are The Cyber Risks

More employees are going to work remotely. Learn why that presents even more cybersecurity challenges. Read More

IT Communication Breakdowns Lead To Higher Data Security Risks

IT can assist employees working from home to stop a cyberattack, but employees must first make the call. We examine the cybersecurity issue of remote employees not communicating with IT. Read More

Orion Malware Hack Increases The Need To Fortify A Vendor's Back Door

Microsoft found the Orion update malware on some of its network systems, emphasizing the serious nature of the hack. Learn how third-party suppliers increase cybersecurity risk. Read More