Google+ shutting down following security bug

Share

Google is closing the Google+ social network after an error exposed the private data of hundreds of thousands of users last spring, in an incident which the company never disclosed to those affected. At the time, multiple governments were scrutinizing Facebook over its data practices, and, according to WSJ's report, this seems to be the reason why Google failed to disclose its security issue to the public.

Earlier this year, Facebook acknowledged that tens of millions of users had personal data hijacked by Cambridge Analytica, a political firm working for Donald Trump in 2016.

Google Chief Executive Sundar Pichai has agreed to testify before Congress in the coming weeks, according to the Journal.

The bug, according to Google, meant that third-party apps had access to "profile fields that were shared with the user, but not marked as public", like name, email address, occupation, gender, and age.

The company told WSJ that shutting down Google+ is part of a recent effort to limit third-party developers access to its users' data, including Gmail add-on developers and Android app developers.

CBSNews.com sibling website CNET noted on Monday that after Google announced the social network's shutdown, even people who helped launch the product said the time had come to end it.

More news: Drew Brees Becomes NFL's All-Time Leader in Passing Yards

"We found no evidence that any developer was aware of this bug, or abusing the API, and we found no evidence that any Profile data was misused".

"We discovered and immediately patched this bug in March 2018", Ben Smith, the company's vice president of engineering, wrote. It's also limiting said apps' ability to access private data outside of specific use cases.

Google is shutting down the consumer version of Google+ because the social media network isn't worth maintaining, the company said Monday. Users will be able to download and migrate their data. In fact, usage is pretty minimal on the site, with "90 percent of Google + user sessions" being "less than five seconds". Google further said that the enterprise version of Google+ will continue.

"Only apps directly enhancing email functionality - such as email clients, email backup services and productivity services (e.g., CRM and mail merge services) - will be authorised to access this data", Smith added. But Google says it has no way of confirming these numbers or which users may have had their data exposed improperly.

Google today also revealed some more steps that it's taking to help protect user data.

Share