Google+ to shutdown after up to 500,000 accounts were compromised in a data leak
Wednesday, October 10, 2018/
Google has decided to shut down the consumer side of its social media platform Google+ after finding a glitch in its system that has leaked the data of up to 500,000 accounts.
The revelation, which Google detailed in a blog post about the shutdown, is the latest in a line of social media data leaks in 2018, which have also affected Facebook users.
Google said a bug in one of its Google+ People APIs had provided third-party applications with access to profile data that was not marked as public, possibly including names, emails, occupation, gender and age.
Google found out about the bug in March and immediately patched it, but did not disclose the details of the breach until yesterday.
Up to half-a-million accounts have been potentially affected by the leak, although Google doesn’t know which specific users had their data compromised because API log data is only kept for two weeks.
A Google spokesperson declined to comment when asked whether the data of any Australian customers was leaked, but did not rule out the possibility.
The technology giant said 438 applications could have used the API but there was no evidence any developer was aware of the bug or abused it.
“We found no evidence that any profile data was misused,” Google said.
The disclosure comes less than two weeks after Facebook revealed more than 50 million accounts on its platform were affected by a login vulnerability in its code.
Facebook also came under fire earlier this year for another breach that allowed data analytics firm Cambridge Analytica to misuse data.
After making the leak public, Google announced its social media platform Google+ would be shut down for consumers.
The announcement was accompanied by a rather self-deprecating, yet honest, admission from the Google team about its venture into the social media sphere.
“While our engineering teams have put a lot of effort and dedication into building Google+ over the years, it has not achieved broad consumer or developer adoption, and has seen limited user interaction with apps,” Google said.
“The consumer version of Google+ currently has low usage and engagement: 90 per cent of Google+ user sessions are less than five seconds.”
A Google spokesperson declined to clarify whether businesses that had invested in its social media platform would also have their pages shut down.
“Every year, we send millions of notifications to users about privacy and security bugs and issues. Whenever user data may have been affected, we go beyond our legal requirements and apply several criteria focused on our users in determining whether to provide notice,” a Google spokesperson said.
“Our Privacy and Data Protection Office reviewed this issue, looking at the type of data involved, whether we could accurately identify the users to inform, whether there was any evidence of misuse, and whether there were any actions a developer or user could take in response. None of these thresholds were met here.”