The Google+ data breach was discovered in March of this year during an audit of the company's APIs, conducted by a privacy task force codenamed Project Strobe. Before patching it, Google ran an analysis and found that up to 500,000 Google+ accounts were affected.
Thankfully, according to Google, no developer was aware of the bug, was misusing the Google+ API, or had misused private data from users' profiles. According to the Journal, Google's legal team said in a memo that news of the breach would result in "immediate regulatory interest".
As part of the announcement, Google also promised to give users "more fine-grained control over what account data they choose to share with each app".
Google said it would continue to offer private Google+-powered networks for businesses now using the software.
Google also announced that, "we can not confirm which users were impacted by this bug". The error allowed the details of nearly 500,000 people to be accessed by the applications, even when they had demanded that they keep their data private.
The affected data is limited to static, optional Google+ Profile fields including name, email address, occupation, gender and age, Google said.
Google's excuse is that it found no evidence of any of the data being misused, however, it also has no way of being sure of that. However, it's possible that data were abused and Google just doesn't know about it yet.
Google does not yet have a lead EU Supervisory authority, as the breach apparently happened before the EU's new privacy law, the General Data Protection Regulation (GDPR), was implemented. The company did not check up with any of the developers of the aforementioned 438 apps.
This bug helped outside developers to gain access to users personal data. This is likely why an internal committee reportedly made the decision to keep the vulnerability a secret and briefed Google CEO Sundar Pichai about their plan.
A Google spokesperson cited "significant challenges in creating and maintaining a successful Google+ that meets consumers" expectations" along with "very low usage' as the reasons for killing off the service. In addition, Google Account permissions dialog boxes will be split to show each requested permission, one at a time, within its own dialog box.
- Former first daughter Barbara Bush marries in Maine
- Officials warn about viral Facebook hoax messages
- Real identity uncovered of second Russian linked to Skripal poisoning: Bellingcat
- No. 1 Alabama is even recovering its own fumbles for touchdowns now
- Packers rule out WR Cobb; Adams to practice Saturday
- Amazon starts listing Core i9 9900K preorder at 499 United States dollars
- Open And Shut: A’s Out Early Again With Wild-Card Loss
- Hafeez, Imam help Pakistan to bright start against Australia
- Bulgarians mourn murdered journalist, European Union calls for fast inquiry
- Cities Continue The Push To Replace Columbus Day