Google+ to shut down early after leak exposes 52m users

Google+ to shut down early after leak exposes 52m users

Two months after disclosing an error that exposed the private profile data of nearly 500,000 Google+ users, Google on Monday revealed a new leak that affects more than 52 million people.

Google said that its systems had not been compromised and that there's "no evidence that app developers" were aware of the bug or "misused it in any way".

The error related to the social network's Application Programmer Interface (API), a tool that allows app developers to extract information so that they can integrate their apps with Google's services. Google+ was slated for closure (to consumers) in August 2019, but unfortunately for the platform's remaining users, Google has bumped that date up by four months to April.

The company said it was in the process of notifying consumers, and that those who were impacted should keep an eye out for a notice from Google. However, it was only around for six days before Google fixed the issue. In October, Google admitted it had failed for six months to reveal information about a bug that put at risk the data of hundreds of thousands of users.

"We've recently determined that some users were impacted by a software update introduced in November that contained a bug affecting a Google+ API", the company wrote. As a result, the Google+ shut-down has been moved up from August 2019 to April 2019.

The bug did not give developers access to information such as financial data, national identification numbers, passwords, or similar data typically used for fraud or identity theft.

"With the discovery of this new bug, we have made a decision to expedite the shutdown of all Google+ APIs [application programming interfaces]; this will occur within the next 90 days", wrote David Thacker, head of product management for G Suite, Google's range of apps offered to businesses.

With respect to this API, apps that requested permission to view profile information that a user had added to their Google+ profile - like their name, email address, occupation, age - were granted permission to view profile information about that user even when set to not-public.

Related Articles