The article is specifically about Business Workspace accounts. The concerning part was that then about 1/3 of the sensitive files were externally shared.
To be honest, the article reads like blogspam for an up-and-coming cyber security newsletter. The “report” is just marketing for a data governance software company.
People putting sensitive documents on their personal Google drive isn’t much of a risk if they follow best security practices securing their Google account.
We share loads of shit externally that are private, but the people we share them with are the people it is relevant too so that stát doesn’t do much.
If I show recruitment information to the recruiters we hire that is an external share of private information.
Like I said it’s a marketing paper for a data governance software company. The numbers are to sell their product to corps that don’t know what their users are sharing, not that there isn’t a reason to share certain data externally.