Logo

Logo

Google to shut down Google+ after bug exposes 500000 users’ data

The flaw detected in March exposed private user data, including information such as occupation, gender, age, and email addresses, to third-party developers, says Google

Google to shut down Google+ after bug exposes 500000 users’ data

Google is giving itself time till the end of August 2019 to complete the process of the wind-down. (Photo: AFP/Google+)

Seven years after it was launched, Google+ networking site is going to be a thing of past. Internet search giant Google is shutting down the consumer version of Google+ after it discovered a bug that it says exposed the data of 500,000 users. Google, which has also cited “low usage” as a reason to sunset the platform, seems to have hidden the bug issue from the world for more than six months now, as it admits in a post that the bug was detected in March 2018.

“The consumer version of Google+ currently has low usage and engagement: 90 percent of Google+ user sessions are less than five seconds,” Google said in the post.

Advertisement

Stating that Google+ would go off the web for consumers in the coming months, the tech giant said its review showed that Google+ APIs, and the associated controls for consumers, were challenging to develop and maintain. It said the aforesaid bug was discovered in one of the Google+ People APIs.

Advertisement

“Users can grant access to their Profile data, and the public Profile information of their friends, to Google+ apps, via the API. The bug meant apps had access to Profile fields that were shared with the user, but not marked as public,” said the post.

READ | Data breach scandal: CBI seeks information from Facebook, Cambridge Analytica, GSR

The flaw exposed some private user data, including information such as occupation, gender, age, and email addresses, to third-party developers.

“We discovered and immediately patched this bug in March 2018,” Google said.

The flaw has however existed since 2015, and Google accepts it could have potentially affected up to 500,000 Google+ accounts.

“Our analysis showed that up to 438 applications may have used this API,” Google said. It however claimed that no evidence was found that any developer was aware of this bug, or was abusing the API. “…and we found no evidence that any Profile data was misused,” said the Google blog post.

Google is giving itself time till the end of August 2019 to complete the process of the wind-down. Hence, users will have 10 months to extract the data shared till now. “Over the coming months, we will provide consumers with additional information, including ways they can download and migrate their data,” said the post.

While the user base of the networking site has been low, Google said it had realised Google+ was better suited as an enterprise product “where co-workers cab engage in internal discussions on a secure corporate social network”.

“We’ve decided to focus on our enterprise efforts and will be launching new features purpose-built for businesses. We will share more information in the coming days,” said the post.

The news of Google+ data breach comes at a time when another social media giant Facebook finds itself mired in trouble over a massive privacy leak scandal and its failure to protect privacy of users.

 

Advertisement