Newly published research has unveiled that the websites of many Fortune 100 firms host publicly accessible files that reveal potentially sensitive data such as user names and email addresses. The research analysed Microsoft Word, PowerPoint and Excel files available on the websites of some of the world's biggest firms, and has found that thousands of user IDs and email addresses, comments and track changes, and hundreds of PowerPoint files were available.
The study conducted for Bitform, a software component developer of tools for content inspection and security, analyzed 8,038 files for more than two dozen specific types of metadata and hidden information which have the potential to expose proprietary or confidential information, breach corporate policies and open security holes.
It warned there are "thousands of instances" of information exposure that was likely not intended to be made public. One such instance was a white paper from a computer manufacturer containing comments intended for internal review only, which acknowledged scalability limitations of a partner product.
The researchers behind this study have suggested that this problem is more severe for smaller companies that don't have the resources or processes to review the information that is made available to the public.