Update: July 25th, 2013 this article has been corrected to reflect Google is not at fault for Google Dorks.
UPDATE: I have written an article meant for webmasters, so they can protect users from this privacy breach.
Almost every website you visit has a private “virtual notebook”, also known as a database stores everything you do on that website. If you give the site your credit card number or social security number, it is kept in their “virtual notebook”. You leave the site, believing that no one except you can get your information. Unfortunately, the entire world can get any information you’ve entered on almost any website, if your site doesnt hide private information from Google Search. Google Search indexes everything that is made public including “virtual notebooks” and the information stored within that notebook in their search results. If you’ve given a site your credit card number or social security number, then there is a very high chance that site isn’t secure and has that information open to the public then Google will automatically add the info to Google Search.
This information is very easy for anyone to find, especially for cyber-criminals because Google has made it so anyone can do a Google search with the words filetype: and then the extension for “virtual notebooks”.
I contacted Google immediately when I discovered this problem believing that they would want to fix it. I was wrong. They were fully aware that people can find your info, but they feel that they can’t stop it, nor is it their job to “censor or curate” their results unless they are required to do so by law.
Update: July 25th, 2013
It is extremely hard to hide almost every security hole and if Google did, then your site wouldn’t be seen by as many people. It is the webmasters job to hide information they dont want the whole world to see, like Google said last year.
Google said that it is the webmasters job to hide any information that shouldn’t be seen.
I am not sure why Google believes they can’t hide your personal information from the world,
since their competitors Bing and Yahoo! are able too.
Update: Bing and Yahoo and every single other search engine also show private information you should hide.
I found it odd that anyone who uses Google Blogspot or Google Sites will have their “virtual notebook” appear in Google search results. Google is the Webmaster for those two sites, yet they aren’t hiding those “virtual notebooks” from their own search engine. I would like to note that as far as I can tell Facebook has hidden their ”virtual notebooks” from Google Search. You may read our technical article on how to hide your database, if you aren’t doing so already.
A website Which is all about Google dorks has been keeping track of Google indexing private information that sites don’t hide from their search engine since 2003. In 2003 they were adding some passwords to the search engine. I am not legally allowed to link to the site I am referring to, because the information on that site could help people commit cyber-crimes and break the Computer Fraud and Abuse Act of 1986.
At the beginning of the article I said I would let you read the entire reply from Google, so here it is.
If you would like to view the full sized email screenshot and download it click here
Did you know Webmasters were violating your privacy? Do you think They should be held responsible for this? Let us know in the comments!
LEGAL NOTICE: This information is published to educate the public about this security issue. You are prohibited to use this information to violate the Computer Fraud And Abuse Act of 1986. You are prohibited to use this information for anything that is illegal or violates any law, statute, act, etc. You will indemnify, defend and hold harmless, the author of this article, and Planet Zuda, LLC from and against any damages and costs, including attorney fees resulting from anyone misusing and or abusing the information in this article.