A Google+ security breach gave outside developers access to the private data of hundreds of thousands of the social network's users between 2015 and March 2018, according to a Wall Street Journal report. The reason, as reported by WSJ, is that it wasn't reported "because of fears that doing so would draw regulatory scrutiny and cause reputational damage". In turn, this meant that nearly 500,000 users' names, email addresses, dates of birth, gender, location, occupation, and relationship status were made available to developers, all without their knowledge.
At least two USA states are investigating a breach at Alphabet Inc's Google that may have exposed private profile data of at least 500,000 users to hundreds of external developers.
Google is closing its troubled Google Plus social network following the discovery of a software glitch this past spring that may have exposed user information of up to 500,000 customers between 20015 and 2018, the company said Monday.
Smith said that when users grant permissions to access SMS, Contacts and Phone data to apps, they do so with specific use cases in mind, again indicating that the present policies have given developers overly broad access to people's information. But for the year, stock in Google's parent company is up 10%.
Earlier on Tuesday, Ireland's data protection regulator said it would seek more information from Google regarding the breach. "We chose to sunset the consumer version of Google+", the company said in the post.
Tyler Moffitt, senior threat research analyst at security firm Webroot, said: "Although it seems that Google has shut down an entire line of business due to this breach, from a GDPR perspective, the company appears to have gotten off lightly".
David Carroll, a USA professor who sued Cambridge Analytica in the United Kingdom courts to reclaim his data, told The Guardian: "Google is right to be concerned and the shutdown of Google+ shows how disposable things really are in the face of accountability". In recent years, Google began to de-couple Google+ from its core services, and shifted its focus on standalone products like Google Photos.
"The consumer version of Google+ now has low usage and engagement: 90 percent of Google+ user sessions are less than five seconds", said Google, which is headquartered in Mountain View in northern California, Xinhua reported.
Following this report being published, Google announced that it found the security hole in part thanks to something the company is calling Project Strobe. The software flaw affected how the social network, created to rival Facebook but never seriously challenging it, interacted with third-party applications.