Public Google Drive Link Exposed US Military Orders and PII

Published on January 27, 2025
Written by:
Vishwa Pandagle
Cybersecurity Staff Editor

HackerOne, the hacker program and security platform, reported a critical security concern arising from a publicly available Google Drive link. A HackerOne member named 0xrasputin found a Google Drive link that led to sensitive Personally Identifiable Information (PII) pertaining to the U.S. Department of Defense.

The information disclosure was made to the DoD on January 7, 2025. Military orders and operation details in the form of PDF documents were saved in the exposed folder. 

Besides that, the following records were also stored in the folder:

In the report, the HackerOne member shared steps to access the exposed data through the Google Drive link. 

The remediation method they suggested was to either remove the folder or mark it as private. 

The Department of Defense addressed the finding and maintained that the Vulnerability Disclosure Policy (VDP) team will review the report to ensure compliance. 

On January 8, a U.S. Department of Defense staff member responded that they had forwarded the report to the affected DoD system owner for resolution. How the Google Drive link was left open to the public is not known.

According to discussion in the cybersecurity community, the sensitive information on Google Drive could have been identified using a technique called "Google Dorking"[1, 2, 3]. Dorking is nothing new; it has been around for a while, and even regular users have used it without realizing it.

A dork is created by combining Google search operators such as site:, intext:, inurl:, filetype:, link: and other advanced operators to narrow the search results down to specific indexed pages, in order to identify potential leaks or pages available to everyone.
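The defensive counterpart to the suggested remediation (remove the folder or mark it as private) is to find your own "anyone" shares before a search engine or a third party does. The following Python is an added example, not part of the HackerOne report or any DoD tooling: it audits a constructed listing shaped like a Google Drive API v3 `files.list` response, and the sample records and the `public_grant` and `audit` helper names are assumptions.

```python
import json

# Constructed sample shaped like a Drive API v3 files.list response requested with
# fields="files(id,name,mimeType,parents,permissions(type,role,allowFileDiscovery))".
SAMPLE = json.loads("""
{"files": [
 {"id": "f1", "name": "orders", "mimeType": "application/vnd.google-apps.folder",
  "permissions": [{"type": "anyone", "role": "reader", "allowFileDiscovery": false}]},
 {"id": "d1", "name": "order-001.pdf", "mimeType": "application/pdf", "parents": ["f1"],
  "permissions": [{"type": "user", "role": "owner"}]},
 {"id": "d2", "name": "roster.xlsx", "mimeType": "application/vnd.ms-excel",
  "permissions": [{"type": "domain", "role": "reader"}]},
 {"id": "d3", "name": "handbook.pdf", "mimeType": "application/pdf",
  "permissions": [{"type": "anyone", "role": "writer", "allowFileDiscovery": true}]}
]}
""")

def public_grant(item):
    """Return the broadest 'anyone' permission on the item itself, or None."""
    grants = [p for p in item.get("permissions", []) if p.get("type") == "anyone"]
    # A grant that allows discovery through search is broader than link-only sharing.
    grants.sort(key=lambda p: not p.get("allowFileDiscovery", False))
    return grants[0] if grants else None

def audit(listing):
    """Map file id -> finding for every item reachable without signing in."""
    by_id = {f["id"]: f for f in listing["files"]}
    findings = {}
    for item in by_id.values():
        node, via, seen = item, None, set()
        # Walk up the parent chain: a public folder exposes everything beneath it.
        while node is not None and node["id"] not in seen:
            seen.add(node["id"])
            grant = public_grant(node)
            if grant:
                findings[item["id"]] = {
                    "name": item["name"],
                    "role": grant["role"],
                    "discoverable": grant.get("allowFileDiscovery", False),
                    "inherited_from": via and node["name"],
                }
                break
            parent = (node.get("parents") or [None])[0]
            node, via = by_id.get(parent), True
    return findings

if __name__ == "__main__":
    print(json.dumps(audit(SAMPLE), indent=2))
```

Walking the parent chain is a conservative assumption of this example: it reports a PDF inside a link-shared folder even when the file's own permission list shows only its owner.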

In another incident, a cybercriminal named Inc Ransom threatened to release on the dark web data they stole from the DoD contractor Stark Aerospace. It is likely that connected incidents affecting the same targets or organizations lead to incomplete actions, leaving folders and devices exposed to the public.


