Private Information From Your Public Google Calendars May Possibly Be Leaked Online
Before making your calendar public, a security warning would have popped out – “Making your calendar public will make all events visible to the world, including via Google search. Are you sure?”
If you have ever shared your Google Calendars publicly in the past which should not be publicly accessible now, you ought to check your Google settings and ensure that you are not exposing all your events and business activities on the Internet anymore.Over 8000 publicly accessible Google Calendars can be searched on Google which allows anyone to not only access sensitive data like email ids, event details, locations etc but also add new fake and ill-intentioned information to them. Using an advanced Google search query (Google Dork), one can list all publicly available Calendars within seconds and access every information, including sensitive corporate data belonging to some organizations.
Despite the exposed data, Google is not completely at fault as by this feature of publicizing the calendar is to allow collaboration among people. However, the main concern here is that anyone can view and edit the calendar without notifying the owner on who has accessed and made any changes to the calendar. Users would not know that they are unintentionally exposing information to everyone including spammers and phishers. A few months ago, scammers were found to be targeting Google Calendar users with credential-stealing attacks, where phishers were sending victims an email containing a crafted event invitation with malicious links. In addition, users do not get a warning on adding personal events on the public calendars at their own risk.
Now that you have read this, do check if you have made your Google Calendars public and to change the settings to prevent exposing your personal information!