'Ugly' mistake sends Google data to China Published duration 13 November 2018

image copyright Reuters image caption Data can easily go astray if hardware uses the wrong address book

Google data for search and cloud services went astray for more than an hour on Monday thanks to an "ugly" mistake by an African ISP.

The data was sent the wrong way when MainOne Cable, in Nigeria, updated address books for key network hardware.

The update saw it claim to be the best way to reach millions of Google net addresses.

The mistake spread to other networks and led to Google traffic travelling via China and Russia.

New routes

In a tweet, MainOne said the mistake had been made during a "planned network upgrade".

It added: "The error was corrected within 74 minutes and processes put in place to avoid reoccurrence."

All the different networks that make up the internet constantly swap information about the best way to reach other parts of the global system.

Mistakes on one network can mean traffic is re-routed the wrong way.

Google said it had spotted the error and blamed it on "incorrect routing" of data.

A spokesman for the search giant told technology news website Ars Technica that all traffic sent the wrong way was encrypted, which should "limit" any damage caused by it being misdirected.

Later on Monday web company Cloudflare was hit by a second MainOne Cable mistake that also saw much of its traffic re-routed.

In a statement, Matthew Prince, chief executive of Cloudflare, said the mistake had probably been made as a result of a network meeting in Nigeria in early November.

Typically, he told Ars Technica, the meetings prompt ISPs to set up more data-sharing agreements with each other.

The mistake that re-routed data had been made while a new data-sharing link had been being created, he said.

"This was a big, ugly screw-up," he said. "Intentional route leaks we've seen to do things like steal crypto-currency are typically far more targeted."

Mr Prince's explanation defused earlier claims that the re-routing had been an attempt to steal data.

Ameet Naik from net security company ThousandEyes had characterised the incident to The Register as "grand theft internet" and said it was "unlikely" to be accidental.