Skip to main content

Google Apps leaks raft of hidden WHOIS data

Google managed to leak full hidden WHOIS data for 282,867 domains registered through the Google Apps for Work service.

These domains account for 94 per cent of the addresses Google Apps has registered through a partnership with registrar eNom, including services which charge extra money to keep their users' data private.

The data, including names, phone numbers, physical addresses and e-mail addresses started leaking in 2013, after a software malfunction in Google Apps.

The bug caused the data to become public once a domain registration was renewed. Cisco's Talos Security Intelligence and Research Group discovered it on February 19 and five days later the leak was plugged.

However, it's not just the good guys whose information has been leaked. Bad guys have also been exposed, and as Cisco researchers Nick Biasini, Alex Chiu, Jaeson Schultz, Craig Williams, and William McVey wrote, some of them will have some 'splaining to do':

"For example, the domain '' has an extremely poor web reputation score. Another domain, '', also possesses a similarly poor web reputation score (we can only speculate as to the reason).Of course, it is well-known that many WHOIS registration details can easily be forged. In the

"Of course, it is well-known that many WHOIS registration details can easily be forged. In the event that the WHOIS record clearly contains false data, that information can still be used for the sake of threat attribution, as was the case of the String of 'Paerls' investigation.“

A Google spokesman said the bug resided in the way Google Apps integrated with Enom's domain registration program interface, ArsTechnica reports (opens in new tab).

It was reported through Google's Vulnerability Rewards Program. The spokesman said the root cause has been identified and fixed.

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.