@ajojose33333344 you should remove the /u/4 bit in the URL above, as that is valid only for you, as it is the fifth logged in use in that Chrome session.

I also recommend never log in more than one account in each Chrome session.

That's what Chrome profiles are for. 🙂

AFAIK, /u/4 will automatically change.

Yup, but it should never be shared, because if the other person also incorrectly logs in with several accounts in one session, it will load their firth session, and it will not change to the correct session.

@kim_nilsson I expected people to switch😅 , but yes, If it's making trouble it should be removed.

Noted with thanks

@Hajo Please contact your company super admin.

Hi dear ajojose33333344

Thanks do much for helping!

I am afraid that I am the super admin 😬. I'm not very technical though.

@Hajo some Workspace versions don't have access to the support portal.

In the admin console, click the (?) question mark top-right, and see which kind of support you have. If you have none at all, then the only official channel is Twitter. https://twitter.com/AskWorkspace

Thank you Kim.

Thing is that I don't even know what the admin console is. Also I am not using twitter 😞  I'm totally lost here. I do see that someone from Google has replied, so maybe they can help. Thanks do much for reaching out though. 

@Hajo 

https://support.cloud.google.com/portal/cases

Thanks so much. When I try the first url, it constantly gives me (see attachment). The second url I have come across before, but I can't find a solution there. 

@Hajo can you simply try click on the ? mark on the upper right side of your admin console....post the issue , it will initially give you some articles ,click this is not my issue and after one or two times it will take you to contact support option and you will be able to chat with them

@ajojose33333344 there's another unnecessary/irrelevant /u/2/ reference.

@kim_nilsson Sorry, please excuse me, it's an old one apparently a month ago corrected it when someone pointed it out.😅

Thank you @Oliver_Hartley1 

You state that  syncing my files with my local computer would count as  "open files". However:

• I can't remember actively syncing my account with my computer, and
• why then would only be my financial documents be opened? 
  

I have no idea what has happened and I have a very hard time finding it out. I am very interested to to know:

• from what IP address were these google sheets opened? 
• At what exact time (I only know the day)
• Why do all the opened files have a new 'creation date', that being the date on which they were opened? Could it also be a bug from Google's end? 

I'm really looking forward to your reply.

Thanks a million in advance. 

Yours,

Hajo

Dear @Oliver_Hartley1

I am experiencing a possible security issue with Google Sheets documents (as described in this ticket). I have tried online support and when that failed, I called Google USA and Google Netherlands, mailed Google. All at no avail, since they all refer back to online support. I'm getting quite desperate. Now I have made contact with a Google staffer (you) and that contact seems to have died. Are you still receiving my messages? If so, please do reply. 
Kindly yours,
Hajo 

@Hajo these posts are still here, so at least someone is seeing them.

Have you secured your account since the start of this thread?

Added 2FA, reset your password and then reset all sign-in cookies (all three steps are necessary), forcing you to re-login on your devices.

Dear @kim_nilsson,
I have given up. How is it possible that I (possible) have my financial records opened by some one else and I can't get in touch with Google to see if it was a hack or a bug? I mailed them, called them (both in the US and in the Netherlands) and tried this forum and other, but I can not get in touch with them. Scary! And in reply to your question, yes, I have secured the account. But my question is: How was this possible in the first place and what has happend? Have I (or rather my company) been hacked or was there a bug? How safe is Google Sheets? Thanks for replying, I really appreciate it!

You shouldn't be scared.

Default setting with Workspace is that no content is directly accessible by any other user until you share it with someone. The superadmin of a Workspace can use APIs or the Investigation Tool to gain access to any known or found content, but such actions are logged.

It is, of course, always possible that the data returned from Google is incorrect. That the database which keeps the record of file access was corrupted in some way, and is giving you incorrect information.

When investigating such a thing one must include the superadmin of your organisation, who is the (usually) only one who can see whether there are such API tools integrated in the Workspace as a whole, but yourself can also check your own account, to see if you personally have any apps connected to your account.

The list of such services connected to your account can be found here.

https://myaccount.google.com/permissions