'Read the Manual': Misconfigured Google Analytics Led to a Data Breach Affecting 4.7M

Slashdot reader itwbennett writes: Personal health information on 4.7 million Blue Shield California subscribers was unintentionally shared between Google Analytics and Google Ads between April 2021 and January 2025 due to a misconfiguration error. Security consultant and SANS Institute instructor Brandon Evans points to two lessons to take from this debacle:

• Read the documentation of any third party service you sign up for, to understand the security and privacy controls;
• Know what data is being collected from your organization, and what you don't want shared.

"If there is a concern by the organization that Google Ads would use this information, they should really consider whether or not they should be using a platform like Google Analytics in the first place," Evans says in the article. "Because from a technical perspective, there is nothing stopping Google from sharing the information across its platform...

"Google definitely gives you a great bunch of controls, but technically speaking, that data is within the walls of that organization, and it's impossible to know from the outside how that data is being used."

is it bad default settings? bad auto settings when

[Joe_Dragon]

is it bad default settings? bad auto settings when things are added? settings that are hard to find? settings with poor docs on what they really do / how do I do X?

Re:

[arglebargle_xiv]

Yup, "accidental" unsafe defaults and then blame the victim with "Read the documentation of any third party service", including the bits on display in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying 'Beware of the Leopard', because they're the most important ones.

Re:

[Slayer]

Or a site hosting medical information insisting on using Google analytics to begin with. Maybe that's the much more serious error of judgement than some botched settings. People in this damn industry apparently still haven't gotten the message, that the data they hold can mean life or death for some.

Re:

[gweihir]

That is why the GDPR _requires_ (as in "you get fined and ultimately put out of business if you do not do it") privacy by default. If you just do nothing, any sharing must be off, any question requiring consent must be answered with "no", no exceptions.

"unintentionally shared"

[RitchCraft]

Uh huh, right, I hear you, go on. This is Google we are talking about.

Google: is made up of two words

[Provocateur]

Go and ogle at my info, why don't you

Actually, nine words

Re:

[rickb928]

Damn, especially those retroactive layoffs from 2021, when all this started for BSC.
But then, layoffs are a continuous process.

'Read the Manual'

[hcs_$reboot]

Isn't an 'F' missing in this?

Another Day, Another Leak

[irchans]

So, our data is constantly leaked. One reason is that there usually isn’t much of a penalty. If consumers were paid $10 every time their data was leaked, then leaking the data of 10 million people would cost $100 million. Consequently, entities that hold the data would be more careful or might decide that storing customer data isn’t worth the risk.

How could they be more careful? For one thing, customer data should always be encrypted. It appears that combining homomorphic encryption with zero-

read

[groobly]

Read the entire code base of any software you plan to use. If it uses external libraries, read the entire code base of those, including any libraries, recursively.