Feeds

Google leaks small biz stats to random people

Traffic data snafu blamed on 'human error'

Internet Security Threat Report 2014

Google has inadvertently leaked web traffic data for multiple small businesses to random third-parties across the web.

On January 7, web marketing consultant David Dalka received an email from Google that included traffic stats from its Local Business Center. This is a portal where small businesses can add themselves to Google's local search index and track visits to such listings. Dalka uses the Local Business Center on behalf of multiple clients, but the email detailed November 2009 data for a company called Boscos, an outfit he'd never heard of.

The email included the number of times Boscos had appeared in Google's local search results during the month, the number of users who clicked on the listing, the number who clicked for "more info," the number who clicked for driving directions, and the number who clicked on the company's website.

After digging up a recent Tweet from someone who'd received a similar email, he blogged about the incident, and several others responded to say they too had received detailed Google traffic info for unfamiliar merchants.

Similar stories have popped up elsewhere, including a pair from noted Google Maps watcher Mike Blumenthal.

In each case, the email details November 2009 stats for a seemingly random business, and among the emails that are now public, the business is never the same.

At least some users received an apology, in which Google acknowledged the emails. When we contacted the company, it did much the same - though it played down the incident, saying it had sent "incorrect information" to less an one per cent of its LBC users. It's unclear how many users it claims.

"We send a monthly newsletter to our Local Business Center users, featuring product news and a glimpse at statistics about the traffic Google properties drive to their listing," read a statement from a company spokeswoman. "Shortly after sending the newsletter to a small portion of our users (less than 1%), we discovered that some emails included incorrect business listing information.

But when asked if the "incorrect information" was data related to real third-party business, the spokeswoman confirmed that it was.

The company blames the leak on "human error".

"We promptly stopped sending any further emails and investigated the cause," the statement continued, "which we found to be a human error while pulling together the newsletter content.

"We'd like to apologize to all the business owners affected and assure all our users that we're working hard to ensure that nothing similar will happen again. Those affected should have all received a corrected email."

In his blog post, David Dalka compares Google's snafu to AOL's infamous 2006 data breach, remembering Eric Schmidt's claim that his company would never follow in AOL's footsteps. "Our number one priority is the trust that our users have and that would be a violation of trust, so the answer is, it won’t happen," Schmidt said in 2006.

This is a tad different. AOL leaked search data for individual users. Google has leaked traffic data for small businesses. But at least some of Dalka's concern is warranted - however many users Google leaked those stats too. After all, this is Google - a company that may house more data about the world's people and businesses than any other, with more streaming in by the day.

"The Internet is about trust. Lose it and it's hard to get back. If I were sitting on Google's board of directors, I'd certainly be asking the management team about what caused this apparently haphazard communication of private data and what internal controls will be changed to prevent a future similar event," Dalka told The Reg.

"Google randomly exposing analytics data to various people concerns me. It makes me wonder what other processes could this happen with at Google? How will businesses' privacy be protected from Google?" ®

Security and trust: The backbone of doing business over the internet

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
JINGS! Microsoft Bing called Scots indyref RIGHT!
Redmond sporran metrics get one in the ten ring
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Murdoch to Europe: Inflict MORE PAIN on Google, please
'Platform for piracy' must be punished, or it'll kill us in FIVE YEARS
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.