Files from some private network-connected hard drives reportedly indexed by Google

By Jos
Apr 10, 2015
Post New Reply
  1. Network-attached drives can be super convenient for keeping your backups and files remotely accesible without relying on servers form a third party like Dropbox or OneDrive. But as an investigation conducted by CSO has found out, if not properly configured, you could be getting more than you bargained for.

    The report says some personal cloud devices and external hard disks connected to routers with FTP enabled have been indexed by Google, resulting in personal files appearing in search results. These include everything from personal emails, journal entries, passports, tax records, financial statements, mortgage documents, passwords, private photos and more.

    CSO was reportedly able to map a family's personal and financial history going back to 2009 by searching their name. The data was archived on a Western Digital hard drive connected to a Linksys WRT1900AC router. When warned about the problem, the family confirmed it was too late.

    "I simply could not figure out how someone got the [card] info minutes after I'd activate them. My system was clean and secured more than the average person," said one member of the family. Now I know. [It's not] difficult when my backups were public and being indexed on Google.”

    CSO noted that devices including Seagate Personal Cloud, Seagate Business NAS, Western Digital My Cloud and LaCie CloudBox also popped up in searches. The culprit, again, is improperly configured remote access features.

    The report includes a detailed guide on how to check if your network-attached storage devices are letting Google index your files.

    Permalink to story.

  2. Per Hansson

    Per Hansson TS Server Guru Posts: 1,926   +185

    This just took a saying we had in school to a real level:
    Real men don't make backups; they just put their files on a open FTP and later find their backups via Google ;)
  3. What google did is illegal in some states. Here is an example:

    IC 35-43-2-3
    Computer trespass
    Sec. 3. (a) As used in this section:
    "Access" means to:
    (1) approach;
    (2) instruct;
    (3) communicate with;
    (4) store data in;
    (5) retrieve data from; or
    (6) make use of resources of;
    a computer, computer system, or computer network.
    "Computer network" means the interconnection of communication lines or wireless telecommunications with a computer or wireless telecommunication device through:
    (1) remote terminals;
    (2) a complex consisting of two (2) or more interconnected computers; or
    (3) a worldwide collection of interconnected networks operating as the Internet.
    "Computer system" means a set of related computer equipment, software, or hardware.

    (b) A person who knowingly or intentionally accesses:
    (1) a computer system;
    (2) a computer network; or
    (3) any part of a computer system or computer network;
    without the consent of the owner of the computer system or computer network, or the consent of the owner's licensee, commits computer trespass, a Class A misdemeanor.
  4. cliffordcooley

    cliffordcooley TS Guardian Fighter Posts: 8,430   +2,822

    And probably waivered, when they setup their cloud storage.
  5. Sancticide

    Sancticide TS Enthusiast Posts: 44   +18

    These people inadvertently set up a public FTP server. It's not like Google broke in or used some exploit.
    Burty117 and cliffordcooley like this.
  6. s0urce

    s0urce TS Rookie

    Wait what is going on here? They're saying this occured in 2009 on a WRT1900AC. That router wasn't out then... I smell something fishy.
  7. Their data was from 2009 on the WD Hdd ,not the router...
  8. Seriously I can't stop laughing. Privacy? And some people still think the government is their biggest threat to privacy. lOl. The government may collect data, but when (aside from the likes of Snowden) do they lose it into the public domain?

    Google IS big brother. Facebook IS your best friend and comrade. It's time to wake up and smell the sh1t.
  9. Camikazi

    Camikazi TS Maniac Posts: 798   +217

    Yeah Google does index most any site that is OPEN and UNSECURED anyone who has half a brain should know this. That is why when you start the FTP service on your router (or anywhere) you secure the damned thing, you NEVER use the defaults when it comes to security. Can't really blame a search company for searching when you give them open access to your information.
  10. Lionvibez

    Lionvibez TS Evangelist Posts: 1,084   +331

    Yup learn about the hardware you buy.

    There is no excuse to be a noob these days everything is all over the internet.

    you can find video guides on youtube for almost everything.
  11. Camikazi

    Camikazi TS Maniac Posts: 798   +217

    Videos on YouTube have honestly taught me a huge amount of things, it is an awesome resource if you know how to use it.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...