Google announced yesterday via the
company blog that a number of G-Suite customers had passwords stored in plain text. The error in storing the passwords of the service mainly used by companies existed since 2005, i.e. about 14 years.
As a reason for the non-encrypted storage of passwords, Google names a function that should make it possible for company account administrators to manually create or reset passwords for new users. Meanwhile, Google has disabled the feature and fixed the bug. According to Google, the affected customers were also informed because their passwords are reset and are no longer available in plain text. There are no indications of misuse or theft of the data. Whether Google employees could theoretically have had access to the data, however, does not emerge from the message from Google.
