Published: Thu, October 11, 2018
Tech | By

Google+ to close following security flaw publication

Google+ to close following security flaw publication

Google also admitted that a privacy bug back in March gave more than 400 third-party applications access to users' names, email addresses, occupations, genders and ages without authorization.

Now, according to a report in the Wall Street Journal, and internal memo at Google warned that going public about the data leak would attract "immediate regulatory interest". The bug was reported to have potentially allowed app developers to access profile data from even private accounts. Google believes that nothing nefarious was done with the information, however, and claims to have already fixed the problem.

But the company said it reviewed the issue and looked at the type of data involved, if it could correctly identify the users affected to inform them, if there was any evidence of misuse, and if there was any action a user or developer could take. "None of these thresholds were met in this instance", wrote Ben Smith, a Google vice president of engineering. "It's that Google's execs knowingly avoided disclosing an issue because they knew it'd invite gov scrutiny & bad PR". "Whenever user data may have been affected, we go beyond our legal requirements and apply several criteria focused on our users in determining whether to provide notice".

Webroot senior threat research analyst Tyler Moffitt says, "Although it seems that Google has shut down an entire line of business due to this breach, from a GDPR perspective, the company appears to have gotten off lightly".

Google is closing its social network, Google Plus, following the discovery of a security breach this past spring, in which up to 500,000 customers (between 2015 and 2018) had their information exposed. The company has found no evidence that Profile data was misused.

Besides low usage, Google+ engagement rates are also defeating, with 90-percent of all sessions lasting for under five seconds, according to Alphabet's subsidiary.

"If you have a Google tattoo on you, then these are the phones for you", IDC analyst Ramon Llamas said of the Pixel's limited appeal so far.

Following this report being published, Google announced that it found the security hole in part thanks to something the company is calling Project Strobe. The incident was discovered in the same month that it was revealed that Cambridge Analytica harvested the data of 50 million Facebook users. The campaign, titled "Don't Shut Down Google Plus", has more than 8,000 signatures at the time of writing.

Like this: