A vulnerability in Google OAuth can allow individuals to access previous user data.

A vulnerability in Google OAuth has been found that can allow individuals to access previous user data. The vulnerability works by allowing someone who has reactivated an email account to gain access to data stored in 3rd party services such as zoom, slack, and ChatGPT. The issue is caused by how these 3rd parties verify ownership a gmail account. Google has said the responsibility for managing this vulnerability lies with companies by ensuring they have deleted data before shutting down an account.

Read more:

https://www.securityweek.com/google-oauth-flaw-leads-to-account-takeover-when-domain-ownership-changes/