Press
January 9, 2024

Metomic Finds 40% Of Google Drive Files Contain Sensitive Information, Putting Organizations At Risk Of A Data Breach

After scanning approximately 6.5 million Google Drive files, Metomic found 40.2% contained sensitive data that could put an organization at risk of a data breach or cybersecurity attack.

Download
Download

According to Metomic’s 2023 Google Scanner Report, documents that had been shared externally often contained confidential information, with 18,000 files flagged as having “highly sensitive” data, like PII

London, England, (Black Hat Europe 2023, Booth 444) – December 6, 2023 – Metomic, a next generation data security solution for protecting sensitive data in the new era of collaborative SaaS, today announced the results of its 2023 Google Scanner Report, offering insights on the amount of sensitive data that is often stored in Google Drives without any protective oversights. After scanning approximately 6.5 million Google Drive files, Metomic found 40.2% contained sensitive data that could put an organization at risk of a data breach or cybersecurity attack.

In addition to identifying potentially vulnerable information, Metomic also discovered that 34.2% of all the files scanned were shared with external contacts (email addresses outside of the company’s domain) and more than 350,000 files (0.5%) had been shared publicly, giving access to anyone who had the document link. Among the files identified as containing sensitive information—including confidential employee contracts and spreadsheets full of passwords—18,000 files were flagged as “Critical Level” data files, meaning the information contained “Highly Sensitive” data or the file permissions were not applied securely. 

The importance of data security

“Google Workspace has more than 3 billion users. With so many businesses leveraging Google Docs, Google Sheets and Google Slides—and sharing those docs with partners, customers, consultants, vendors and anyone else they do business with—it’s mind-boggling to think of how much sensitive data is accessible to people outside of an organization and how blind most security teams and business leaders are to this,” said Rich Vibert, CEO, Metomic. “Our Google Scanner Report puts a spotlight on the amount of vulnerable data living in Google Drives around the world, underscoring just how critical it is that businesses know what data is being stored, where it is stored, and who has access to it. The best way to prevent a data breach is to protect your business’ vulnerable data so that it does not end up in the wrong hands. Metomic’s Google Scanner Report makes clear how big of a challenge this is for IT and security teams who are struggling to strike a balance between protecting their company’s reputation and ensuring employees have access to effective SaaS tools that drive collaboration and productivity across the business.” 

According to IBM’s Data Breach Report, the average cost of a data breach has increased 15% over the last three years, reaching $4.45 million in 2023. More than 50% of organizations report they are increasing their security budgets as a result of a breach, with plans to spend more on incident response planning and testing, employee training, and threat and detection tools. 

With data breaches becoming more frequent across industries and geographic locations, it’s imperative that businesses gain full visibility into the data stored in their SaaS ecosystems, including Google Workspace apps. Often, vulnerable data is exposed, not because of malicious intent, but unintentionally by an employee who simply didn’t realize they were making sensitive data public or sharing it with the wrong people. 

Metomic DLP tool for Google Drive gives IT and security teams full visibility into their SaaS ecosystem so that they can control what data is accessible to who. Download the full report at: The Risks of Storing Sensitive Data in Google Drive

Table of content
Table of contents
Table of contents
Table of contents
Table of contents
Table of contents

Metomic

According to Metomic’s 2023 Google Scanner Report, documents that had been shared externally often contained confidential information, with 18,000 files flagged as having “highly sensitive” data, like PII

London, England, (Black Hat Europe 2023, Booth 444) – December 6, 2023 – Metomic, a next generation data security solution for protecting sensitive data in the new era of collaborative SaaS, today announced the results of its 2023 Google Scanner Report, offering insights on the amount of sensitive data that is often stored in Google Drives without any protective oversights. After scanning approximately 6.5 million Google Drive files, Metomic found 40.2% contained sensitive data that could put an organization at risk of a data breach or cybersecurity attack.

In addition to identifying potentially vulnerable information, Metomic also discovered that 34.2% of all the files scanned were shared with external contacts (email addresses outside of the company’s domain) and more than 350,000 files (0.5%) had been shared publicly, giving access to anyone who had the document link. Among the files identified as containing sensitive information—including confidential employee contracts and spreadsheets full of passwords—18,000 files were flagged as “Critical Level” data files, meaning the information contained “Highly Sensitive” data or the file permissions were not applied securely. 

The importance of data security

“Google Workspace has more than 3 billion users. With so many businesses leveraging Google Docs, Google Sheets and Google Slides—and sharing those docs with partners, customers, consultants, vendors and anyone else they do business with—it’s mind-boggling to think of how much sensitive data is accessible to people outside of an organization and how blind most security teams and business leaders are to this,” said Rich Vibert, CEO, Metomic. “Our Google Scanner Report puts a spotlight on the amount of vulnerable data living in Google Drives around the world, underscoring just how critical it is that businesses know what data is being stored, where it is stored, and who has access to it. The best way to prevent a data breach is to protect your business’ vulnerable data so that it does not end up in the wrong hands. Metomic’s Google Scanner Report makes clear how big of a challenge this is for IT and security teams who are struggling to strike a balance between protecting their company’s reputation and ensuring employees have access to effective SaaS tools that drive collaboration and productivity across the business.” 

According to IBM’s Data Breach Report, the average cost of a data breach has increased 15% over the last three years, reaching $4.45 million in 2023. More than 50% of organizations report they are increasing their security budgets as a result of a breach, with plans to spend more on incident response planning and testing, employee training, and threat and detection tools. 

With data breaches becoming more frequent across industries and geographic locations, it’s imperative that businesses gain full visibility into the data stored in their SaaS ecosystems, including Google Workspace apps. Often, vulnerable data is exposed, not because of malicious intent, but unintentionally by an employee who simply didn’t realize they were making sensitive data public or sharing it with the wrong people. 

Metomic DLP tool for Google Drive gives IT and security teams full visibility into their SaaS ecosystem so that they can control what data is accessible to who. Download the full report at: The Risks of Storing Sensitive Data in Google Drive

According to Metomic’s 2023 Google Scanner Report, documents that had been shared externally often contained confidential information, with 18,000 files flagged as having “highly sensitive” data, like PII

London, England, (Black Hat Europe 2023, Booth 444) – December 6, 2023 – Metomic, a next generation data security solution for protecting sensitive data in the new era of collaborative SaaS, today announced the results of its 2023 Google Scanner Report, offering insights on the amount of sensitive data that is often stored in Google Drives without any protective oversights. After scanning approximately 6.5 million Google Drive files, Metomic found 40.2% contained sensitive data that could put an organization at risk of a data breach or cybersecurity attack.

In addition to identifying potentially vulnerable information, Metomic also discovered that 34.2% of all the files scanned were shared with external contacts (email addresses outside of the company’s domain) and more than 350,000 files (0.5%) had been shared publicly, giving access to anyone who had the document link. Among the files identified as containing sensitive information—including confidential employee contracts and spreadsheets full of passwords—18,000 files were flagged as “Critical Level” data files, meaning the information contained “Highly Sensitive” data or the file permissions were not applied securely. 

The importance of data security

“Google Workspace has more than 3 billion users. With so many businesses leveraging Google Docs, Google Sheets and Google Slides—and sharing those docs with partners, customers, consultants, vendors and anyone else they do business with—it’s mind-boggling to think of how much sensitive data is accessible to people outside of an organization and how blind most security teams and business leaders are to this,” said Rich Vibert, CEO, Metomic. “Our Google Scanner Report puts a spotlight on the amount of vulnerable data living in Google Drives around the world, underscoring just how critical it is that businesses know what data is being stored, where it is stored, and who has access to it. The best way to prevent a data breach is to protect your business’ vulnerable data so that it does not end up in the wrong hands. Metomic’s Google Scanner Report makes clear how big of a challenge this is for IT and security teams who are struggling to strike a balance between protecting their company’s reputation and ensuring employees have access to effective SaaS tools that drive collaboration and productivity across the business.” 

According to IBM’s Data Breach Report, the average cost of a data breach has increased 15% over the last three years, reaching $4.45 million in 2023. More than 50% of organizations report they are increasing their security budgets as a result of a breach, with plans to spend more on incident response planning and testing, employee training, and threat and detection tools. 

With data breaches becoming more frequent across industries and geographic locations, it’s imperative that businesses gain full visibility into the data stored in their SaaS ecosystems, including Google Workspace apps. Often, vulnerable data is exposed, not because of malicious intent, but unintentionally by an employee who simply didn’t realize they were making sensitive data public or sharing it with the wrong people. 

Metomic DLP tool for Google Drive gives IT and security teams full visibility into their SaaS ecosystem so that they can control what data is accessible to who. Download the full report at: The Risks of Storing Sensitive Data in Google Drive

Metomic

Latest posts

Safeguarding Your Digital Footprint: Five Essentials for Interacting with AI

With Microsoft opening a new AI centre in London, and with the UK public's growing unease around AI, we explore 5 things you should never share with an AI Chatbot

Blog
The Ultimate Guide to Slack DLP

Slack DLP (Data Loss Prevention): The Ultimate Guide

In this downloadable guide, we’ll arm you with everything you need to know to effectively secure the data within your Slack environment

Guides