Ask.com Data Leak: Search Engine Accidentally Displays User Searches To Public
For at least part of Friday, search engine Ask.com was plagued by a technical issue that resulted in the search queries of its users being publicly viewable online for anyone to see.
The log of user actions was available on the Ask.com server status page, which displayed a rolling log of every request sent to the site—including individual search queries.
Read: Alternatives To Google And Gmail: Private Search And Email Services For Online Privacy
The problem was first spotted by Catalyst director of strategy and innovation Paul Shapiro, who brought attention to the issue Friday morning on Twitter.
It’s unclear how long the problem persisted before being discovered by Shapiro. According to the server status page, the server had last been restarted three days prior, meaning the information could have been available for three days before being spotted.
Each action on the log was accompanied with an IP address. Those addresses were connected to internal servers hosted by Ask.com—but had they belonged to the user making the query, it could have revealed potentially personal information that could be tracked to an individual.
“We have been working to address the inadvertent publishing of the Ask.com server status page and can report that this matter has now been globally resolved,” a spokesperson for Ask.com said in a statement.
“We can confirm user IP addresses were not accessible during this incident, only queries and the IP addresses of our internal servers. We regret this error and are committed to protecting the confidentiality and security of our users’ information.”
Read: Privacy Search Engine DuckDuckGo Hits 10 Million Searches In A Single Day Because NSA
Ask.com is nowhere near as popular as it once was at its peak when it was better known as Ask Jeeves. But there are still plenty of queries that pass across its servers every day, as the leak discovered Friday revealed.
It’s not the first time a search engine has released searches to the public, albeit it seems to be the first case of it happening entirely by accident. In 2006, AOL intentionally shared detailed search logs from its search engine, with no redactions of any of the information included. It resulted in search queries being identifiable and traceable to the user conducting the search.
Ironically, in the wake of that decision by AOL, Ask.com introduced new search privacy tools for its users.
© Copyright IBTimes 2024. All rights reserved.