Google announced that it will shut down Google+ for consumers after revealing that the social networking site suffered from a security vulnerability that affects as many as 500,000 of its users. It’s believed that the personal data of hundreds of thousands of Google+ users may have been exposed on the site between 2015 and March 2018, though Google claims that it does not believe that data from its users were misused as part of the glitch.
The security flaw could have revealed personal details that about its users to potential hackers, such as a user’s name, gender, email address, and occupation. In its report, Google claims that the bug was discovered when it launched Project Strobe to review third-party developer access to Google account and Android device data.
“We made Google+ with privacy in mind and therefore keep this API’s log data for only two weeks,” Google revealed in a blog post after the Wall Street Journal reported the flaw. “That means we cannot confirm which users were impacted by this bug. However, we ran a detailed analysis over the two weeks prior to patching the bug, and from that analysis, the Profiles of up to 500,000 Google+ accounts were potentially affected. Our analysis showed that up to 438 applications may have used this API.”
Google claimed that after the bug was discovered, it was quickly patched and that it was not aware of any abuse. However, it did not reveal the flaw initially as a way to preserve its reputation and not invite regulatory scrutiny, according to a report on the Wall Street Journal. In addition to shutting down consumer accounts, Google also plans to announce changes to its privacy policy in response to the potential data breach, the Journal reported, including new changes to its APIs to limit developers access to user’s data on Gmail and Android devices.
Rival Facebook is still reeling from a public relations fiasco after it revealed earlier this year that data from its users was misused as part of the Cambridge Analytica scandal. More recently, Facebook also discovered a bug that allowed hackers access to its users’ private data. The Facebook security flaw affected 50 million users, and Facebook made a decision to forcibly log off 90 million of its users as a result of the issue. Affected users could log back into their Facebook account to regain access to the social network. Facebook also forced to implement sweeping changes to how it handles data in an effort to rebuild trust as a result of its recent breaches.
Google made the decision to shutter Google+ over the next 10 months, citing a lack of user engagement. “The consumer version of Google+ currently has low usage and engagement: 90 percent of Google+ user sessions are less than five seconds,” Google said.
