Google+ will close due to privacy bug that exposed data of 500,000 users
Google is to close its Google+ social network due to a bug in the API that may have exposed the data of 500,000 users to outside developers.
Introduced with the platform’s redesign in 2015, the flaw was only discovered and patched in March of this year when Google’s security engineers carried out their ‘Project Strobe’ security audit into all APIs associated with Google+.
The bug may have provided external developers with access to the “static” profile information of Google+ users, such as name, email address, occupation, gender and age.
More sensitive data such as Google+ posts, messages, account data or phone numbers were not exposed.
Up to 438 external applications, such as online games or quizzes, could have exploited the flaw.
However, Google says it hasn’t found any evidence of misuse of user information resulting from the security flaw.
Google has been criticised for not disclosing the problem sooner, but Ben Smith, the company’s vice president of engineering explained that their silence was justified due to various factors.
He said: “Our Privacy & Data Protection Office reviewed this issue, looking at the type of data involved, whether we could accurately identify the users to inform, whether there was any evidence of misuse, and whether there were any actions a developer or user could take in response.
“None of these thresholds were met in this instance.”
The consumer version of Google+ will be closed by September 2019.