Google+ to shut down after security flaw exposes users' private details

Google+ to shut down after security flaw exposes users' private details

Google+ to shut down after security flaw exposes users' private details

Google exposed the personal data of about 500,000 Google+ users to potential misuse by outside developers for years through a bug, then concealed the error to avoid consequences, according to an investigation published by The Wall Street Journal Monday.

The announcement came in a Monday blog post, which was also Google's first public description of the privacy bug.

Google neglected to report the breach to the public, allegedly out of fear that the company would face regulations and damage to its reputation, according to sources and documents obtained by the Wall Street Journal.

Google discovered a problem with the Google+ People API that could allow third-party developers to scrape optional profile information made available to your friends like name, email, occupation, and gender. In the aftermath of what appears to have been a major security flaw within Google+, the company ended up not disclosing the breach of information to its users.

Google+ is widely seen as one of Google's biggest failures, the WSJ says. In recent years, Google began to de-couple Google+ from its core services, and shifted its focus on standalone products like Google Photos.

"We discovered and immediately patched this bug in March 2018", Ben Smith, the company's vice president of engineering, wrote.

The leaked memo says that while there is no evidence that outside developers misused any data, there is still no way to know for sure.

Because of all of this, Google announced that it would be shutting down Google+ for consumers. Gmail add-ons access will also be limited.

Google said it would continue to offer private Google+-powered networks for businesses now using the software.

The company also debuted a number of new privacy controls, including limiting the apps that can access Gmail, call log, and text messaging data.

The review did highlight the significant challenges in creating and maintaining a successful Google+ that meets consumers' expectations.

Over the coming months, Google will update users with additional information, including ways to download and migrate data.

The bug was patched two weeks after it was initially discovered (Google took two weeks to analyze the data before patching the hole), but has now chose to shut down Google+ as a consumer service.

Finding 4: When users grant SMS, Contacts and Phone permissions to Android apps, they do so with certain use cases in mind. The office looks at what data was taken, what affected users need to be informed, if there was any evidence of data abuse, and whether or not users could effectively respond.

Related news

[an error occurred while processing the directive]