Google exposed personal data of nearly 500,000 and didn't disclose it

Isaac Cain
October 10, 2018

Internet giant Google has said it is shutting down the consumer version of its own social networking site Google+ due to low usage and a bug discovered in March a year ago that could leak the data of about half a million of its users. It said it had no evidence that any third-party developer was aware of the bug or had misused profile data.

The data being stolen includes full names, email addresses, birth dates, gender, profile photos, places lived, occupation and relationship status. A bug in their Google+ People APIs, which potentially exposed the data of over 500.000 users and was promptly patched in March 2018.

Google's own social network, Google+, will shut down after a vulnerability exposed the personal information of over 500,000 users, according to CNET. The social network, which was launched in 2011, was initially supposed to be a response to Facebook and Twitter, but it has ceased to exist outside of a handful of niche communities for years.

The Wall Street Journal, citing anonymous individuals, reports that Google deliberately avoided disclosing the problem at the time, in part to avoid drawing regulatory scrutiny.

According to WSJ sources, Google CEO Sundar Pichai was briefed on the plan only after the decision not to inform the public was made - riiiiight.

More news: Ousted Guardians of the Galaxy director switches camps, tied to new DC Comics film

Google has denied the newspaper's accusations, saying it determined its course of action based on the data involved in the breach, lack of evidence of data misuse and the challenge of determining precisely how many and which users were affected. "Our goal is to support a wide range of useful apps, while ensuring that everyone is confident that their data is secure".

Google eventually disclosed the data leak in a blog post yesterday.

Luckily though, if you want to jump ship before Google formally shuts down the social network, there's an easy way to check if you're signed up - and delete your account. For one thing, soon, only Android apps which the user has assigned as their default for use will be allowed to request certain permissions like making calls and sending SMS. "So can Google keep the trust of its users going forward?"

The company revealed that the usage and engagement of Google+ is even lower than some might have guessed, as 90 percent of user sessions lasted less than 5 seconds.

Users can grant access to their Profile data, and the public Profile information of their friends, to Google+ apps, via the API.

Other reports by LeisureTravelAid

Discuss This Article

FOLLOW OUR NEWSPAPER