Published: Wed, October 10, 2018
Tech | By

Google to shut down Google Plus after user information exposed

Google to shut down Google Plus after user information exposed

Up to 500,000 people may have been affected by the flaw, which allowed hundreds of apps to access data including people's jobs, ages and location information.

Webroot senior threat research analyst Tyler Moffitt says, "Although it seems that Google has shut down an entire line of business due to this breach, from a GDPR perspective, the company appears to have gotten off lightly. The consumer version of Google+ now has low usage and engagement: 90% of Google+ user sessions are less than five seconds".

Google+ will be shut down over a 10-month period, concluding in August 2019, as Google admits that it never gained the traction they had hoped.

The tech firm kept quiet for months about a security flaw that gave third-party apps access to private information on the Google+ social network.

Google reveals on a support page that the Google+ app can't be deleted on some Android devices, but they can be disabled on all Android devices.

Nevertheless, as a result of the security audit, the search giant has vowed to allow users to tightly control what data is made available to third-party applications that sync with Google accounts. The error allowed the details of nearly 500,000 people to be accessed by the applications, even when they had demanded that they keep their data private. (See the full list on our developer site.) It does not include any other data you may have posted or connected to Google+ or any other service, like Google+ posts, messages, Google account data, phone numbers or G Suite content.

According to the WSJ, this vulnerability was live between 2015 and March 2018. "Additionally, the decision not to disclose the discovered vulnerability speaks to a fear of reputational damage and possible legal ramifications or litigation in light of recent Senate hearings and the GDPR [the European Union's General Data Protection Regulation]".


That's the stunning revelation in a new report in The Wall Street Journal.

Google deliberately avoided disclosing the problem at the time, in part to avoid drawing regulatory scrutiny and damaging its reputation, according to a Wall Street Journal story that cited anonymous individuals and documents.

The Google+ vulnerability was discovered at a time that nearly coincided with the notorious privacy leakage scandal of the world's largest social media network Facebook, which has been widely criticized for its failure to protect its users' private data.

A spokeswoman for Google said that whenever user data may have been affected it determines whether to tell people based on a number of criteria.

The internal memo obtained by the Journal says that while Google has no evidence that outside developers misused, it has no way to know for sure.

Google+ has hardly been a roaring success for Mountain View team.

Like this: