Cybersecurity researchers have identified nine critical vulnerabilities within Google Looker Studio, collectively dubbed “LeakyLooker.” These flaws could have allowed malicious actors to execute arbitrary SQL queries on victim databases and exfiltrate sensitive information across organizations’ Google Cloud environments. While Tenable, the firm that disclosed the research, stated there’s no evidence of these vulnerabilities being exploited in the wild, Google has since addressed the issues following a responsible disclosure in June 2025.
The discovery highlights potential weaknesses in how data is isolated and secured between different users and tenants within cloud services. The identified vulnerabilities could have provided attackers with broad access, potentially compromising extensive datasets and entire projects housed within Google Cloud Platform (GCP). This could impact numerous organizations relying on various Google Cloud data connectors for their business intelligence and data analysis needs.
LeakyLooker Vulnerabilities Expose Google Cloud Data
The nine cross-tenant vulnerabilities in Google Looker Studio presented a significant risk, according to security researcher Liv Matan. These flaws reportedly “broke fundamental design assumptions,” opening the door to a novel class of attacks. Matan further elaborated that attackers could have potentially exfiltrated, inserted, and deleted data across victims’ services and their broader Google Cloud environments. This implies a deep level of access to sensitive organizational data.
“These vulnerabilities exposed sensitive data across Google Cloud Platform (GCP) environments, potentially affecting any organization using Google Sheets, BigQuery, Spanner, PostgreSQL, MySQL, Cloud Storage, and almost any other Looker Studio data connector,” stated Liv Matan in a report shared with The Hacker News. This comprehensive statement underscores the wide-ranging impact these flaws could have had, touching upon nearly every aspect of data management within GCP.
Potential Attack Vectors and Data Exfiltration
Successful exploitation of these cross-tenant flaws could have empowered threat actors to gain unauthorized access to entire datasets and projects, even those belonging to different cloud tenants. This breach of tenant isolation is a major concern in multi-tenant cloud architectures.
One prominent attack vector involved attackers scanning for publicly accessible Looker Studio reports or gaining access to private ones that utilized vulnerable connectors, such as BigQuery. Once access was secured, attackers could potentially seize control of the underlying databases, enabling them to execute arbitrary SQL queries across the owner’s entire GCP project. This level of command over sensitive data is a critical security threat.
In another scenario, a victim might create a report designated as public or share it with specific individuals, while using a JDBC-connected data source like PostgreSQL. The cybersecurity company detailed how a logic flaw within the report copying feature could be exploited. This flaw allows for the cloning of reports while preserving the original owner’s credentials, subsequently enabling attackers to delete or modify critical database tables. This highlights a critical misconfiguration or oversight in the platform’s sharing or copying mechanisms.
A particularly high-impact method described by Tenable involved a “one-click data exfiltration” technique. In this scenario, an attacker could share a specially crafted report. When a victim interacts with this report, their browser could be tricked into executing malicious code. This code would then contact an attacker-controlled project, enabling the reconstruction of entire databases by siphoning data from logs. Such methods demonstrate sophisticated social engineering and technical execution combined.
“The vulnerabilities broke the fundamental promise that a ‘Viewer’ should never be able to control the data they are viewing,” Matan emphasized. This directly addresses a core security principle of least privilege, indicating that users with read-only access were potentially exposed to actions that could modify or steal data. The implications suggest that sensitive data residing in services like BigQuery and Google Sheets could have been compromised through these LeakyLooker vulnerabilities.
With Google having patched these vulnerabilities, the immediate threat has been mitigated. However, the discovery serves as a reminder of the ongoing need for vigilant security practices and regular auditing of cloud configurations. Organizations utilizing Google Looker Studio and other GCP services should remain informed about potential security advisories and ensure their systems are up-to-date with the latest security patches from Google.