Gmail Mobile Bug Allowing Security Breaches Of Other Google Email Users?

Jan 8, 2009 • 8:29 am | comments (0) by | Filed Under Other Google Topics

In the past few hours, I have seen two threads from the Google Mobile Help Forums reporting that these people were able to login with their password to Gmail, but for some reason, were taken to someone else's Gmail account.

Both reports came on the fourth of January, the first said:

There are times when I enter the gmail site on my cell phone, and before the sign-in page even appears, I have found myself to be automatically redirected to the inbox of a complete stranger, and I have access to their account. This has happened to me twice.

The second said:

I've experienced a problem lately: on occasion, I will open up my WAP browser and realise that it's not my email I'm viewing at all! It is the email of some random person. Sometimes, I can see the emails when I click on them and sometimes - seemingly randomly - I click on something (say, inbox) and it takes me right back to my own inbox.

A Google representative, Ethan from the mobile team, replied to both saying that they will touch base with these folks offline.

Thanks for letting us know. Someone on the team has contacted you via email to get some account-specific details.

As for your concerns about your own account, Gmail offers HTTPS -- an additional layer of security that will ensure your mail remains encrypted when it travels between your web browser and our servers.

I have not seen any other reports of this, outside of these two. But this does seem a bit scary to me. I hope they figure out the issue soon and fix it as soon as possible.

Forum discussion at Google Mobile Help.

Previous story: How To Get a Locations Longitude/Latitude Using Google Maps on iPhone
Ninja Banner
blog comments powered by Disqus