DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Goldman says client data leaked, wants Google to delete email (update2)

Posted on July 2, 2014 by Dissent

Jonathan Stempel reports:

(Reuters) – Goldman Sachs Group Inc said a contractor emailed confidential client data to a stranger’s Gmail account by mistake, and the bank has asked a U.S. judge to order Google Inc to delete the email to avert a “needless and massive” breach of privacy.

The breach occurred on June 23 and included “highly confidential brokerage account information,” Goldman said in a complaint filed last Friday in a New York state court in Manhattan.

Goldman did not say how many clients were affected, and wants Google’s help in tracking down who might have accessed the data. The Wall Street bank also said Google “appears willing to cooperate” if there is a court order.

Read more on Reuters.

Update: Because this case has some disturbing implications for user privacy and control, I’ve been searching to find other cases that might be similar. So far, I’ve found one case in 2009 that TechDirt and TechSpot reported.

From a breach perspective, suppose the Gmail account had an automatic forward to a non-Gmail account set up. Google could delete the email from the recipient’s inbox under court order, but that wouldn’t delete the copy that had been forwarded. Does the company’s wish to recover/delete the email trump the individual’s right to privacy? Should Google be ordered to reveal the forwarding email address? And does it matter (it should) whether the email had already been opened or not in terms of the company’s responsibility to disclose the breach or notify regulators and individuals?

Lots of questions here…

Update2: Reuters reports that Google has blocked access to the email:

“Google complied with our request that it block access to the email,” Goldman spokeswoman Andrea Raphael said. “It has also notified us that the email account had not been accessed from the time the email was sent to the time Google blocked access. No client information has been breached.” A Google spokeswoman declined to comment.

Google will not delete the email, however, without court order. But should Google have even given this much info to Goldman Sachs? And will they tell Goldman whether there are any forwarders set up on the account?

No related posts.

Category: ExposureFinancial SectorU.S.

Post navigation

← Boston man charged in Twitter hack
FL: Tampa woman gets prison in credit card fraud ring that targeted International Plaza →

1 thought on “Goldman says client data leaked, wants Google to delete email (update2)”

  1. MikeP says:
    July 3, 2014 at 4:37 pm

    Wouldn’t another question be “Why are Goldman Sachs contractors emailing massive amounts of confidential information around? Surely GS has better ways of doing this.”

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Hunters International to provide free decryptors for all victims as they shut down (1)
  • SEC and SolarWinds Seek Settlement in Securities Fraud Case
  • Cyberattacks Disrupt Iran’s Bread Distribution, Payments Remain Frozen
  • Hacker with ‘political agenda’ stole data from Columbia, university says
  • Keymous+ Hacker Group Claims Responsibility for Over 700 Global DDoS Attacks
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • DOJ investigates ex-ransomware negotiator over extortion kickbacks
  • Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns
  • One in Five Law Firms Hit by Cyberattacks Over Past 12 Months
  • U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Record-Breaking $1.55M CCPA Settlement Against Health Information Website Publisher
  • Ninth Circuit Reviews Website Tracking Class Actions and the Reach of California’s Privacy Law
  • US healthcare offshoring: Navigating patient data privacy laws and regulations
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • Google Trackers: What You Can Actually Escape And What You Can’t
  • Oregon Amends Its Comprehensive Privacy Statute
  • Wisconsin Supreme Court’s Liberal Majority Strikes Down 176-Year-Old Abortion Ban

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.