A justified panic gripped the SEO industry after word got out that Google Webmaster Tools has an extremely serious technical issue – old user accounts are automatically getting re-verified and given access to sites they shouldn’t have access to anymore.
The first post I read about the GWT stuff-up was on Dave Naylor’s blog. The very first thing I did was check my calendar to make sure it wasn’t April 1st already. Surely this was a hoax?! Several other trusted sources have unfortunately verified the problems with GWT and it seems to go even further than just GWT; Michaela Dennis mentioned on Twitter that all of her old deleted and blocked Gtalk contacts were active again.
@patrickaltoftAll my deleted/blocked contacts in gtalk have appeared too…
— Michaela Dennis (@mickid2000) November 27, 2012
I think this shows us how the integrated the whole Google eco-system really is and how one cockup can bring down the house. Here’s a short timeline from Twitter.
Anybody else seeing some weird “New verified owner” messages in Google Webmaster Tools?
— Patrick Altoft (@patrickaltoft) November 27, 2012
Worrying: as per others, I now have access to Webmaster Tools accounts again for sites I worked with years ago.
— dan barker (@danbarker) November 27, 2012
Never screw your SEO… you never know when Google will do something stupid like let them back into your Webmaster Tools account.
— Ben Cook (@Skitzzo) November 27, 2012
Wonder how many evil thing are being done with Webmaster Tools right now. Best thing Google could do right now is switch it off
— Kean Richmond (@keanrichmond) November 27, 2012
I’m assuming by their slow reaction that Google aren’t able to “just” take webmaster tools offline…
— Paddy Moogan (@paddymoogan) November 28, 2012
For those not aware of the seriousness of this apparent breach of security, ex-employees or even contractors, that at one time or another had access to a site, the reports, tools, and so on, possibly gain access again to not only Webmaster Tools, but possibly Google Analytics too. The rub is, there’s simply no guarantee those granted renewed access won’t do something malicious. Not only could past access holders change key elements, but spying on the competition for larger entities is definitely a possibility.
Imagine someone working for a major brand suddenly granted access again to a competitive brand!
As added background to the initial story break, Matthew Panzarino over at The Next Web sourced David Naylor early on to show what those formerly with access might do with renewed access to a webmaster (maybe analytics) account. Naylor’s screen also clearly show a former SEO control entity, being reauthorized in what could surely be an unholy mess for a site owner. Naylor reported to TNW he had access to analytics too.
So far Google has been silent on the matter, possibly suggesting they are still trying to sort out exactly what happened. We will keep you updated.
The Editor of SEJ has contacted senior Google communicators and the Google Webmaster Engineering Manager. We are still waiting their response.