Get the latest tech news
Employees of Failed Startups Are at Special Risk of Stolen Personal Data Through Old Google Logins
Hackers could steal sensitive personal data from former startup employees by exploiting abandoned company domains and Google login systems, security researcher Dylan Ayrey revealed at ShmooCon conference. The vulnerability particularly affects startups that relied on "Sign in with Google" features f...
Hackers could steal sensitive personal data from former startup employees by exploiting abandoned company domains and Google login systems, security researcher Dylan Ayrey revealed at ShmooCon conference. The vulnerability particularly affects startups that relied on "Sign in with Google" features for their business software.Ayrey, CEO of Truffle Security, demonstrated the flaw by purchasing one failed startup's domain and accessing ChatGPT, Slack, Notion, Zoom and an HR system containing Social Security numbers. The company initially dismissed Ayrey's finding as a fraud issue before reversing course and awarding him a $1,337 bounty.
Or read this on Slashdot_marcos_alvarado_Alamy.jpg?disable=upscale&width=1200&height=630&fit=crop)
