Second data breach causing Google to sunset Google+ sooner

Google / Security / Tech
Google+-second-data-breach

If you’ve been hanging onto Google+, like some of us have been, there’s no better time than the present to move on to other social media networks.

If you were hoping by some miracle that Google would extend the shuttering of Google+, hope no more. Google has announced that the service will be shutting down in April 2019, not August as previously stated due to a second data breach.

According to the tech giant, a second bug was introduced into the Google+ API after an update in November. This bug was fixed within a week of being introduced, however, as a result, Google has moved the timeline for closing Google+ up by four months. In addition, Google will be expediting the shutting down of Google+ APIs. This will occure within the next 90 days.

While Google says “no third party compromised” their systems, the bug did impact roughly 52.5 million Google+ users.

Our investigation into the impact of the bug is ongoing, but here is what we have learned so far:

  • We have confirmed that the bug impacted approximately 52.5 million users in connection with a Google+ API.
  • With respect to this API, apps that requested permission to view profile information that a user had added to their Google+ profile—like their name, email address, occupation, age (full list here)—were granted permission to view profile information about that user even when set to not-public.
  • In addition, apps with access to a user’s Google+ profile data also had access to the profile data that had been shared with the consenting user by another Google+ user but that was not shared publicly.
  • The bug did not give developers access to information such as financial data, national identification numbers, passwords, or similar data typically used for fraud or identity theft.
  • No third party compromised our systems, and we have no evidence that the developers who inadvertently had this access for six days were aware of it or misused it in any way.

We have begun the process of notifying consumer users and enterprise customers that were impacted by this bug. Our investigation is ongoing as to any potential impact to other Google+ APIs.

Google also goes on to mention that they are in the “process of notifying any enterprise customers that were impacted by this bug.”

If you’ve been hanging onto Google+, like some of us have been, there’s no better time than the present to use Google Takeout to archive your Google+ data and move on to other social media networks.

What do you think about this second data breach caused by an internal bug and Google’s decision to accelerate the shuttering of Google+? Let us know in the comments below or on Google+, Twitter, or Facebook.

 Source: Google
Comments
To Top