
- Tenable uncovers nine Looker Studio flaws dubbed LeakyLooker
- Bugs enabled cross-tenant SQL injection and credential leaks
- Google patched all vulnerabilities; users urged to review report access
A series of nine vulnerabilities in Google Looker Studio could be used to run arbitrary SQL queries against target databases and pull sensitive data from victims’ Google Cloud environments, experts have revealed.
Security researchers at Tenable found the flaws, dubbed LeakyLooker, which exposed sensitive data across Google Cloud environments and affected users of virtually any Looker Studio data connector, including Google Sheets, PostgreSQL, MySQL and others.
“Achieving full isolation while providing live data is a difficult task that can be flawed,” Tenable said in its findings, adding that the tool’s "Live Data" architecture, designed for real-time report updates, was a real Achilles' heel. “Attackers could exploit this through 0-click (no victim interaction) and 1-click (victim opens a malicious website controlled by the attacker) vulnerabilities.”
Looker Studio issues
Looker Studio is a free data visualization and reporting tool from Google that lets people turn raw data into interactive dashboards and reports. It is quite popular, too, as the broader Looker product family has more than 10 million monthly users.
Here is a brief overview of the bugs Tenable uncovered:
- Cross Tenant Unauthorised Access - Zero-Click SQL Injection on Database Connectors - TRA-2025-28
- Cross Tenant Unauthorised Access - Zero-Click SQL Injection Through Stored Credentials - TRA-2025-29
- Cross Tenant SQL Injection on BigQuery Through Native Functions - TRA-2025-27
- Cross Tenant Data Sources Leak With Hyperlinks - TRA-2025-40
- Cross Tenant SQL injection on Spanner and BigQuery Through Custom Queries on a Victim’s Data Source - TRA-2025-38
- Cross Tenant SQL Injection on BigQuery and Spanner Through the Linking API - TRA-2025-37
- Cross Tenant Data Sources Leak With Image Rendering - TRA-2025-30
- Cross Tenant XS Leak on Arbitrary Data Sources With Frame Counting and Timing Oracles - TRA-2025-31
- Cross Tenant Denial of Wallet Through BigQuery - TRA-2025-41
The most worrying of the vulnerabilities was the “Sticky Credential” logic flaw in the “Copy Report” feature, which an unauthorized attacker could use to clone a report while keeping the original owner’s stored credentials attached to the copy.
Google has since patched all nine bugs globally, and Tenable recommends users regularly review who has “View” access to both public and private reports.
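Tenable’s closing advice is to review who can view each report. As an added example (not Tenable’s or Google’s code), the Python helper below classifies the sharing entries on a set of Looker Studio assets so that anything beyond your own organisation stands out. It assumes the permissions shape the Looker Studio API returns per asset, a `permissions.roles` map from role name (OWNER, EDITOR, VIEWER) to members written as `user:`, `group:`, `domain:` or `serviceAccount:`; the asset names, the trusted-domain list and the sample assets are constructed for illustration, and fetching the live data (`assets:search` followed by a permissions call per asset) is left to the caller.

```python
"""Classify Looker Studio report sharing entries for a "who has View access" review.

Added example, not code from Tenable or Google. Assumed input shape (per asset):
    {"name": "reports/<id>", "title": "...", "permissions": {"roles": {
        "OWNER": ["user:a@x"], "EDITOR": [...], "VIEWER": [...]}}}
Member strings are assumed to carry a user:/group:/domain:/serviceAccount: prefix.
Link-based sharing is not represented in this shape, so "anyone with the link"
reports still need a check in the Looker Studio UI.
"""
from dataclasses import dataclass

# Assumption: the organisation's own Workspace domains.
TRUSTED_DOMAINS = {"example.com"}

# Constructed sample data, not real assets.
SAMPLE_ASSETS = [
    {
        "name": "reports/1111",  # assumed resource-name format
        "title": "Revenue dashboard",
        "permissions": {"roles": {
            "OWNER": ["user:alice@example.com"],
            "EDITOR": ["user:bob@example.com"],
            "VIEWER": ["group:finance@example.com", "user:analyst@partner.test"],
        }},
    },
    {
        "name": "reports/2222",
        "title": "Marketing KPIs",
        "permissions": {"roles": {
            "OWNER": ["user:carol@example.com"],
            "VIEWER": ["domain:example.com",
                       "serviceAccount:etl@proj.iam.gserviceaccount.com"],
        }},
    },
]


@dataclass(frozen=True)
class Finding:
    asset_id: str
    title: str
    role: str
    member: str
    category: str  # INTERNAL, EXTERNAL, DOMAIN_WIDE or UNKNOWN


def classify_member(member: str, trusted_domains: set) -> str:
    """Map one member string to a review category."""
    kind, _, value = member.partition(":")
    value = value.lower()
    if kind == "domain":
        # Everyone in that Workspace domain can open the report.
        return "DOMAIN_WIDE"
    if kind in ("user", "group", "serviceAccount"):
        domain = value.rsplit("@", 1)[-1] if "@" in value else ""
        return "INTERNAL" if domain in trusted_domains else "EXTERNAL"
    # Any member form this helper does not recognise is surfaced, not hidden.
    return "UNKNOWN"


def audit_sharing(assets, trusted_domains=TRUSTED_DOMAINS,
                  roles=("VIEWER", "EDITOR")):
    """Return one Finding per non-owner sharing entry across all assets."""
    findings = []
    for asset in assets:
        role_map = asset.get("permissions", {}).get("roles", {})
        for role in roles:
            for member in role_map.get(role, []):
                findings.append(Finding(
                    asset.get("name", "?"), asset.get("title", ""),
                    role, member, classify_member(member, trusted_domains)))
    return findings


def needs_review(findings):
    """Keep only entries that grant access beyond named internal principals."""
    return [f for f in findings if f.category != "INTERNAL"]


if __name__ == "__main__":
    for f in needs_review(audit_sharing(SAMPLE_ASSETS)):
        print(f"{f.category:<11} {f.role:<7} {f.asset_id:<13} {f.title!r} -> {f.member}")
```

Run against real data, the three non-INTERNAL categories are the rows to act on: EXTERNAL entries are individual outsiders or service accounts, DOMAIN_WIDE entries let every account in the domain open the report, and UNKNOWN flags member formats the helper did not anticipate rather than silently passing them.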