Last Summer, after AOL released a bevy of search data, Google CEO Eric Schmidt appeared at Search Engine Strategies San Jose and promised — promised! — that no such breach could ever occur at the Googleplex. If memory serves, his exact words were:
“The answer is, it won’t happen.“
Oops. Looks like the G Poppa accidentally released users’ bank details in their anti-phishing blacklist. Security firm Finjan reconfirmed the details today. Of course, as my buddy Ryan Naraine points out, this is somewhat old news — three weeks ago the list was found to be chock full of MySpace usernames and passwords. And while this breach is nowhere near as bad as AOL’s, it does give the lie to Schmidt’s supercilious posturing.
I was in the room at SES when Schmidt denied the very possibility of data breaches. It’s more humorous now, because after the question about security concerns was asked for the third time, he waffled and hemmed and hawed, mentioned something about Sarbanes-Oxley rules preventing the mere thought from occuring in a Googler’s brain, said it could happen, then asked reporters not to quote him on that and said the words quoted above. There’s a video of the reporter Q&A session floating around somewhere.