Google+ Is Shutting Down Following Security Breach
- Author: Delia Davidson Oct 09, 2018,
Oct 09, 2018, 2:35
According to a report in the Wall Street Journal published Monday lunchtime, a software glitch within Google+ exposed the private profile data of hundreds of thousands of Google+ users to outside developers. The bug allowed for developers that had access to Google+'s API to access information of users that gave permission to the program.
The Google Plus data potentially exposed includes names, email addresses, occupations, dates of birth, genders and profile photos.
The issue was discovered and patched in March as part of a review of how Google shares data with other applications, Google said in a blog post.
So, instead of sticking with the product, Google made a decision to shut it down for consumers and turn it into an Enterprise-exclusive product instead.
Specifically, the issue disclosed Monday came through one of the Google+ "People" APIs, a developer tool available to third-party app developers.
Wall Street Journal also reported that Google Chief Executive Officer Sundar Pichai was briefed on the plan not to notify users as it would result in an immediate regulatory interest. It's worth noting that Microsoft also has several active Google+ communities dedicated to its most popular Android apps such as the Microsoft Launcher, and it's not clear yet what will happen to them.
Trump's North Korean Love Affair Shows That Diplomacy Works
He said there's continuing global support for economic sanctions to remain on North Korea in the meantime. The meeting between Pompeo and Kim may also chart a possible second meeting between the two leaders.
"The review did highlight the significant challenges in creating and maintaining a successful Google+ that meets consumers" expectations, ' Ben Smith, Google's vice president of engineering, wrote in a blog post.
The issue has been fixed and company found no evidence the information was misused by any developers, he said.
"In the interim, since we can not trust that we know much or even most of what ought to concern the public, the FTC should install public-minded privacy monitors into the firms as an element of accountability". Google found that no one was using it, saying that "Google+ now has low usage and engagement: 90 percent of Google+ user sessions are less than five seconds".
In other words, Google learned about the three-year-long vulnerability and chose not to say anything out of fear that it'd be bad PR. Developers will also have more limited access to Gmail data going forward.
For Gmail apps requesting permission to user data Google will only grant access to apps which 'directly enhancing email functionality-such as email clients, email backup services and productivity services (e.g., CRM and mail merge services)'. The service will be wound down over the next 10 months, with the ultimate shut-down coming in August 2019.