Google said that it would shut down Google Plus. The company’s long-struggling answer to Facebook’s giant social network. After it discovered a security susceptibility that exposed the private data of up to 500,000 users.
What exactly happened?
Between 2015 and March 2018, third-party developers would have been able to access personal Google+ profile data due to a software glitch in the site. When the bug discovered, Google decided not to notify the social network’s users. An internal memo warned that revealing the leak would result in regulatory interest and lead to comparisons to Facebook in the same way of the Cambridge Analytica scandal.
Users can give access to their profile data to Google+ apps, via the API. The bug meant apps also had access to profile fields shared with the user, but not make as public. Google said that data limited to “static, optional Google+ profile fields” like name, email address, occupation, gender and age. The technology giant says “It does not include any other data you may have posted or connected to Google+ or any other service. Like Google+ posts, messages, Google account data, phone numbers or G Suite content.”
But Google keeps the API’s log data for only two weeks. And Google says it cannot confirm which users impacted by this bug. After having a detailed analysis over the two weeks prior to patching the bug, Google Plus get know that the profiles of up to 500,000 Google+ accounts were potentially affected.
Google also said that “no evidence that any developer was aware of this bug, or abusing the API. We found no evidence that any profile data misused”.
Tech firms collect huge amounts of user data, yet their security measures are often woefully inadequate. Technology is supposed to make people’s life style easier, but all too often; the companies that collect data are not being clear about how they use it and are failing to protect it from hackers.
