Apr 25 2007
Lubricant maker Astroglide accidentally released 250,000 names on one of there web servers, which Google diligently spidered and indexed. If you were one of the people who asked for a free sample of their product between 2003 and 2007, your name was quite likely on the list. Embarrassing in some situations, but hardly in the same league as a credit card database compromise.
There’s a lot of detail in the article, especially in some of the updates from both Google and Astroglide. I guess it’s not all that easy to get Google to remove something like this from their database. I don’t blame Google; their system was doing exactly as it’s designed. It’s the responsibility of the site owner to not publish sensitive information on a publicly accessible server. As Ryan points out, the files should never have been there in the first place. If Google made it easy to take information out of the database, they’d be swamped by such requests.
This is a good example of unintended consequences. Someone had to have made the data publicly accessible for Google to have found it. I’d guess someone put it there for a salesperson to use and didn’t remove it afterwards, or some other equally legitimate excuse. They never realized that Google would discover the files and index them. Goes to show you, be careful what you put on your publicly exposed servers, someone will find it.
To me, this incident is more funny than newsworthy. The value of the Astroglide database is minimal and lies mainly in the embarrassment factor. As pointed out in the article, many people made up names for use in the database, so even that value is minimal. If you’re name turns up on the list, just say someone else entered your information. Astroglide loses out in the PR department, but otherwise I don’t think this will have any affect on the rest of the world.