MANILA, Philippines - Google’s own social network, Google+, will shut down after a vulnerability exposed the personal information of over 500,000 users, according to CNET.
According to The Wall Street Journal, who first reported the story, Google refused to immediately disclose the bug when it was fixed back in March due to fear of regulatory scrutiny from lawmakers.
Facebook was dealing with the Cambridge Analytica scandal during this time and Google was afraid to be caught in a similar scandal. This is likely why an internal committee reportedly made the decision to keep the vulnerability a secret and briefed Google CEO Sundar Pichai about their plan.
Google who has now gone public with the data exposure wrote in a blog post that they found no evidence of data misuse. Despite this, they still plan to shut down Google+, providing people the next ten months to migrate their personal information.
The bug was discovered in one of the Google+ application programming interfaces (APIs) when the company conducted an audit of third party developer access to Google accounts and Android data, in a project called Project Strobe.
The API allowed users to grant access to their and their friends’ profile information to apps. This means that the bug had access to information shared to the user, even those not marked as public.
Google said that there are up to 438 apps that use the affected API. The company, however, cannot confirm which users were affected by the bug when it was active from 2015 to 2018.
The search giant has recently been the topic of numerous headlines for allegations regarding data collection. It was previously reported that Google had plans for a China search engine that could track its users’ search data.
Google said that it often notifies users when there are security issues and user data is affected but its privacy and data protection office said the bug in question did not meet the threshold. – Rappler.com