Google Inc (NASDAQ:GOOG) (NASDAQ:GOOGL) began launching Drive 2.0 today according to thousands of people online who are noticing the difference. Google Drive 2.0 was announced in the midst of the Google IO activity. The new and improved Google Drive brings forth a much more user-friendly interface, simulating that of a regular desktop file manager.
While that’s great for the company, a worrying privacy issue it also coming to light that could have allowed corporate and personal information to fall in to the wrong hands prior to Google supplying the fix. Quite simply, cloud data is vulnerable when accessed with a link.
The problem Google had is very similar to one that Dropbox experienced with hyperlink vulnerability earlier this year.
Google explained its fix in a blog post, which outlines the exact nature of the flaw. Only a “small subset of file types” that corresponded to the below criteria:
- The file was uploaded to Google Drive
- The file was not converted to Docs, Sheets or Slides, remaining in its original file format (.pdf, .docx, etc.)
- Within the file content were hyperlinks to third-party HTTPS websites
- Sharing settings were changed by the owner so that the document was available to “anyone with the link”
Documents with these criteria will now no longer relay the original document’s URL, Google recently told its users.
While it’s likely that Google has indeed fixed the problem, anyone who stills has concerns as well as sensitive information in the cloud would be wise to take the documents down and re-upload them if they still have a need for cloud access to these documents.