Blog

Your Google Calendar Settings May Be Sharing Your Info

By baypointetech September 25, 2019

Twelve years ago, Google introduced a new feature to Google Calendar that allowed users to share their calendars with others. It's a great feature and invaluable in a corporate environment because it gives teams an easy way to collaborate. Google itself even touted the "make it pubic" feature of their calendar as being a cool way to use their search engine to discover upcoming events.


Unfortunately, as with most things, there's a potential downside. Recently, a security researcher named Avinash Jain discovered more than 8,000 publicly accessible Google Calendars, searchable via Google's own search engine. Many of these calendars contain sensitive information (which is bad enough), but worse, they allow any user to add new events that can cause real harm to the system hosting the calendar. This is done via maliciously crafted events or poisoned links.


As Avinash Jain reports:


"I was able to access public calendars of various organizations leaking out sensitive details like their email IDs, their event name, event details, location, meeting links, zoom meeting links, google hangout links, and much, much more.


This is more of an intended setting by the users and intended behavior of the service. The main issue however, is that anyone can view anyone's public calendar, add anything on it - just by a single search query without being shared the calendar link.


Jain goes onto say that several calendars belonging to many of the top 500 Alexa company's employees were made public, which is certainly cause for concern.


This most recent finding adds to the chorus already warning of the dangers of calendar sharing. Just a few months ago, researchers from Kaspersky Lab discovered scammers abusing Google Calendar in a variety of ways. For example, there were phishing scams that contained poisoned links masquerading as google calendar event links.


Stay vigilant and be sure you have all employees check their Google Calendar security settings so you're not revealing more than you intended to.


Used with permission from Article Aggregator

< Older Post

 Newer Post >

Related Posts

The Role of Mobile Apps in Expanding Small Business Reach

By Mersad September 23, 2025
How can a small-scale establishment stand out in today's competitive market? With the shift toward digital-first experiences, mobile apps help businesses stay relevant and accessible, no matter their size. Learn more about them here.

Adopting Remote Work Tools To Improve Flexibility and Efficiency

By Mersad September 22, 2025
Many businesses across various industries have already implemented a remote work model. Around 35% of Silicon Valley workers, for example, now work from home, a sharp rise from the 2019 pre-pandemic period's 6%, and for good reason. This shift brings many worthwhile advantages, including:

Passkey Weaknesses Exposed: How To Stay Secure

By Mersad September 20, 2025
There’s no question that the traditional username and password combination is a weak link when it comes to online security. For several years, experts have encouraged businesses to implement passkeys to overcome the pitfalls of traditional passwords, which have become increasingly vulnerable to cybercriminals.

New Phishing Scam Hits Victims With a Twist

By Mersad September 19, 2025
Just how safe is your establishment from online threats? A new phishing scam is making waves and targeting US-based organizations. Learn more about it here so you can bolster your defenses.

Why Technology Matters for Longer Product Lifecycles

By Mersad September 18, 2025
Are you finding it harder to keep your offerings profitable over time? By investing in innovation, establishments can predict and control physical wear, combat obsolescence, and even discover new utilization opportunities. Learn more about technology for longer product lifecycles here.

Contact Information

1035 Medina Rd, Suite #800

Medina, OH 44256