The IG found documents and correspondence exposed in GSA’s Google Groups including a GSA memo to Army personnel containing procurement-sensitive information. Image: Mamun_Sheikh / Shutterstock.com
Documents and correspondence containing sensitive information on employees and contractors continue to be exposed in GSA’s Google Groups to users with GSA email accounts who do not have a legitimate need to know, an IG report has said.
The report follows one from April that raised the same issue regarding that application, which allows users to share information with multiple people at one time. Agency policy requires that users should share only with those who have a business need to know and imposes restrictions specifically on controlled unclassified information including such information regarding federal buildings, it notes.
However, the IG found documents and correspondence containing such information exposed in GSA’s Google Groups including a GSA memo to Army personnel containing procurement-sensitive information; an internal document on potential security threats to GSA buildings and personnel and recommendations for counter-measures; and containing proprietary information of a contractor.
Also exposed were cybersecurity risk assessments of some contractors, documents marked as for official use only, and personally identifiable information, including Social Security numbers, of some federal employees. “The volume of sensitive information identified during our limited testing indicates that additional sensitive information may be exposed in GSA’s Google Groups,” it added.
The findings mirror those of the earlier report, which identified exposed information such as draft versions of safety environmental management surveys; a feasibility study for a federal courthouse; specifications for a building’s sensitive compartmented information facilities; and vendor financial information.
“The recurring nature of these incidents demonstrates that additional management attention and oversight is needed to ensure that GSA properly protects sensitive information across its Google Workspace environment,” the latest report said.
Because the report was in the nature of a management alert, there was no response from the agency.
Large Share of Federal Workforce about to Experience a Payless Pay Period
OPM Details Coverage Changes, Plan Dropouts for FEHB/PSHB in 2026
OMB Says Federal Workforce RIFs are Starting as Shutdown Drags On
Financial Impact of Shutdown Starts to Hit Home; WH Threatens No Back Pay
Surge of Retirement Applications Is in the Pipeline, Says OPM
See also,
TSP Takes Step toward Upcoming In-Plan Roth Conversions
5 Steps to Protect Your Federal Job During the Shutdown
Over 30K TSP Accounts Have Crossed the Million Mark in 2025
The Best Ages for Federal Employees to Retire