Google + security bug disclosed, service to be shut down

Image Google

Google will close most of its failing social media platform Google+ and implement several new privacy measures after discovering that hundreds of thousands of users potentially had their personal data exposed because of a previously undisclosed software bug, the company announced Monday. At the time, multiple governments were scrutinizing Facebook over its data practices, and, according to WSJ's report, this seems to be the reason why Google failed to disclose its security issue to the public.

Google put the "final nail in the coffin" of the Google+ product by shutting down "all consumer functionality", the Wall Street Journal reported citing an internal memo.

A bug in Google+ exposed the personal data of almost 500,000 people and Google chose not to disclose it out of fears of regulatory pressure.

While Google says there is no clear misuse of profile data that occurred as a result of this breach, MacMillan of the Journal says it raises questions about the company's commitment to user privacy. Google explained that there was indeed a glitch that could allow developers to access private profile information, including a user's name, email address, occupation, gender, age, and profile photo. "None of these thresholds were met in this instance". The company said it found "no evidence that any developer was aware of this bug, or abusing the API, and we found no evidence that any Profile data was misused". Instead of reporting this to subscribers of the service, Google chose to just let it slide so that it wouldn't be subject to investigation by regulatory agencies. The consumer version of Google+ now has low usage and engagement: "90% of Google+ user sessions are less than five seconds".

The exposed information did not include posts, messages or telephone numbers, a Google spokesperson said. The bug allowed for developers that had access to Google+'s API to access information of users that gave permission to the program.

The closure isn't because people are happier using Facebook and Twitter instead of Google's service.

Google+ is an Internet-based social network that was launched in June 2011 and is owned and operated by Google.

The company said the bug was located in the Google+ People API. There are additional privacy moves in motion here, too, with Google's Project Strobe security audit also meaning most third-party developers will no longer be able to access Android SMS data, call logs, and (some) contact information.