Severe Google Bug Regains Access to Prior-Privy Webmaster Tools Users

Google Webmaster ToolsOne of the worst things that could harm a site’s search traffic from Google is if someone unauthorized had gained access to its Webmaster Tools account. Changing a couple of the site’s settings here and there, and poof, the website is out of Google’s index.

Well, hold tight anxious webmasters because this nightmare might just become a painful reality for some.

As first reported by David Naylor, it seems that many users have suddenly regained access to Webmaster Tools accounts they once were privy to. Many of those SEOs are going bananas about it on Twitter as they confirm the dangerous GWT glitch (here, here, here, here).

The Next Web has even confirmed with the previous SEO director of eBay Dennis Goedegebuure that shockingly he can enter eBay’s Webmaster Tools account once again, in spite of the fact his credential been revoked more than a year ago. This is incredibly crazy!

Just imagine what could happen if someone a bit disgruntled (and a bit deranged) would decide to avenge his former employee for some reason. By using the new Disavow Links Tool all the site’s links could be discounted, the crawl rate could be significantly tuned down and the site could even be entirely de-indexed from Google!

Even if all sorts of configurations wouldn’t be altered, there’s of course also the danger that sensitive data would leak out. Although I suppose it’s obviously not the worst case scenario, for some companies it can also be quite hurtful.

If you once had permitted another user admission to your GWT account, you should revisit those settings immediately and do what you can to cancel them again before something dreadful would occur to your site’s traffic. Remember that GWT could cause some serious almost irreversible damage in the wrong hands.

While the urgency of this security breaches are critical, so far Google still hadn’t issued them and the error hasn’t been fixed yet. Once they finally will, I’ll update this post.

Update: Google confirmed the security problem had existed for a few hours but now they’ve already fixed it and probing the case so it won’t happen again in the future. No additional information about collateral damage has been given.