Security Tools News & Tips

Google has confirmed that it unwittingly disclosed sensitive login and password information pertaining to more than a dozen users. It has already informed the affected users and confirmed that the problem is fixed. This happened when the users submitted suspected phishing sites through the Google Toolbar. Some of the URLs submitted by users also contained login id and password information. The security firm Finjan, which discovered the problem first and notified to Google recommends users not to use the same usernames and passwords for several accounts.

An attacker who obtained the password for one site could access more sensitive information on other sites, such as credit card numbers or bank account information.

Update: Here’s a scary screenshot from Finjan, with highlighted Online Banking Access ID and Password.