A Google dork is an employee who unknowingly exposes sensitive corporate information on the Internet. The word dork is slang for a slow-witted or in-ept person.
Visma
Security researchers and enthusiasts regularly come across tips, hints & examples of bad security. One such example involves this page from software giant Visma. The page provides documentation on a payroll system they provide, and using MSSQL they state saas the standard account to use, and Visma123@ as the standard password. Based on its length and complexity, the password is compliant with standard Microsoft Windows settings, PCI-DSS and otther “best practice” recommendations. Most people would agree that it is not a good password, it is not a good password to be used as a default password, and it shouldn't be included in publicly available online documentation.
Most Importantly, there should preferably never be any 'default' passwords, but a function requiring a password to be set before remote access is allowed and/or to make the system work as expected.
Should this be reported to the company? What exactly would be reported? That they have intentionally created a bad default MSSQL SA password, and documented it online for the world to see? They are probably aware of it, at least somebody at the company is.
A quick Google search reveals even more examples.
unimicro
Say hello to Uni Micro financial systems, a company doing financial systems, and they have documentation online. Default is to use the sa account in MSSQL, with default password abab12UNI.
PHYSICA
Health journaling system. Secure is one of the many words used on their frontpage, and they have documentation online as well. Default user is the sa account in MSSQL, with default password velkommen. Yes, that is welcome in English.
There are several other hits in a similar search, and the results are equally alarming. As security professionals have pointed out for years, a main concern with passwords are product & service providers that don't do proper security on the protection of passwords in their systems. A simple Google search, and anyone has more than enough information to probably gain access to a lot of systems & information they are not authorized to access, and that may represent great risk to lots of people.