Google Confirms That It Fired Engineer For Breaking Internal Privacy Policies
Earlier today Gawker published an alarming report detailing the exploits of a former Google engineer who allegedly used his internal clearances to access private Gmail and GTalk accounts so that he could spy on and harass people, including four minors. The article repeatedly points out how much sensitive data the public has entrusted Google with, and highlights that the company’s internal security policies may not be enough to maintain that security should a trusted employee go rogue. Google has just responded to the article with this statement, and it doesn’t deny anything Gawker reported:
“We dismissed David Barksdale for breaking Google’s strict internal privacy policies. We carefully control the number of employees who have access to our systems, and we regularly upgrade our security controls–for example, we are significantly increasing the amount of time we spend auditing our logs to ensure those controls are effective. That said, a limited number of people will always need to access these systems if we are to operate them properly–which is why we take any breach so seriously.”
Bill Coughran, Senior Vice President, Engineering, Google
While the Gawker article correctly said that Barksdale had been fired for this reason, Google had not previously confirmed it and Barksdale had refused to comment on why he had been dismissed.
In light of the news, we’ve asked Google for more information as to how many times such breaches have occurred in the past, and how many people have access to these private accounts. Update: A Google spokesperson says that a similar security breach has happened once before and that the employee was also dismissed. The previous incident didn’t have any minors involved.
According to the Gawker article, Barksdale was a Site Reliability Engineer, who had deep access to private accounts spanning multiple Google services.
Here’s one particularly damning passage from the Gawker article:
It’s unclear how widespread Barksdale’s abuses were, but in at least four cases, Barksdale spied on minors’ Google accounts without their consent, according to a source close to the incidents. In an incident this spring involving a 15-year-old boy who he’d befriended, Barksdale tapped into call logs from Google Voice, Google’s Internet phone service, after the boy refused to tell him the name of his new girlfriend, according to our source. After accessing the kid’s account to retrieve her name and phone number, Barksdale then taunted the boy and threatened to call her.
It’s worth noting that one of Gawker’s sources says that the harassment was not sexual in nature, though it was “a lot of violating people’s personal privacy”.
This Is The Second Time A Google Engineer Has Been Fired For Accessing User Data
Google has just confirmed that it fired one of its engineers for violating internal security policies, effectively confirming a Gawker report that detailed how former employee David Barksdale had used his clearance to access private data of multiple people, including four minors. Barksdale has been dismissed for the offense, and Google says that it is “significantly increasing the amount of time we spend auditing our logs to ensure those controls are effective”.
We asked Google how many times this has happened and have confirmed that it is the second such incident. However, the previous case didn’t involve minors — the offender was dismissed just as Barksdale was. Honestly, given that Google has been around for over ten years and employs some 20,000 people, I half expected this number to be higher. Still, it’s disconcerting to hear that it’s happened at all.
To Google’s credit, it’s commenting on the issue. Contrast this with Facebook — a Rumpus article earlier this year stated that at least two employees have previously been fired for accessing user data. I asked Facebook about this repeatedly, and they refused to directly answer how many times this had happened, if ever.
“We dismissed David Barksdale for breaking Google’s strict internal privacy policies. We carefully control the number of employees who have access to our systems, and we regularly upgrade our security controls–for example, we are significantly increasing the amount of time we spend auditing our logs to ensure those controls are effective. That said, a limited number of people will always need to access these systems if we are to operate them properly–which is why we take any breach so seriously.”
Bill Coughran, Senior Vice President, Engineering, Google
While the Gawker article correctly said that Barksdale had been fired for this reason, Google had not previously confirmed it and Barksdale had refused to comment on why he had been dismissed.
In light of the news, we’ve asked Google for more information as to how many times such breaches have occurred in the past, and how many people have access to these private accounts. Update: A Google spokesperson says that a similar security breach has happened once before and that the employee was also dismissed. The previous incident didn’t have any minors involved.
According to the Gawker article, Barksdale was a Site Reliability Engineer, who had deep access to private accounts spanning multiple Google services.
Here’s one particularly damning passage from the Gawker article:
It’s unclear how widespread Barksdale’s abuses were, but in at least four cases, Barksdale spied on minors’ Google accounts without their consent, according to a source close to the incidents. In an incident this spring involving a 15-year-old boy who he’d befriended, Barksdale tapped into call logs from Google Voice, Google’s Internet phone service, after the boy refused to tell him the name of his new girlfriend, according to our source. After accessing the kid’s account to retrieve her name and phone number, Barksdale then taunted the boy and threatened to call her.
It’s worth noting that one of Gawker’s sources says that the harassment was not sexual in nature, though it was “a lot of violating people’s personal privacy”.
This Is The Second Time A Google Engineer Has Been Fired For Accessing User Data
Google has just confirmed that it fired one of its engineers for violating internal security policies, effectively confirming a Gawker report that detailed how former employee David Barksdale had used his clearance to access private data of multiple people, including four minors. Barksdale has been dismissed for the offense, and Google says that it is “significantly increasing the amount of time we spend auditing our logs to ensure those controls are effective”.
We asked Google how many times this has happened and have confirmed that it is the second such incident. However, the previous case didn’t involve minors — the offender was dismissed just as Barksdale was. Honestly, given that Google has been around for over ten years and employs some 20,000 people, I half expected this number to be higher. Still, it’s disconcerting to hear that it’s happened at all.
To Google’s credit, it’s commenting on the issue. Contrast this with Facebook — a Rumpus article earlier this year stated that at least two employees have previously been fired for accessing user data. I asked Facebook about this repeatedly, and they refused to directly answer how many times this had happened, if ever.
0 Response to "Google Confirms That It Fired Engineer For Breaking Internal Privacy Policies"
Post a Comment
Leave Your Thoughts & We Will Discuss Together