We have identified several clusters where users have granted Kubernetes privileges to the system:authenticated group
lol if that's the whole thing, blaming Google is laughable, unless they default to that somewhere or have faulty documentation. That's not a security flaw with their tools.