Published: Wed, October 10, 2018
Tech | By Constance Martin

Google+, Google’s social network, to shut down after bug exposes users’ data

Google+, Google’s social network, to shut down after bug exposes users’ data

Google said it launched an effort at the beginning of the year called Project Strobe created to review how other apps connect to Google +'s services, and that it was making other changes as a result. It will take 10 months to completely close the service, and a version for businesses will remain open.

A major security bug appears to also be to blame for the Google+ shutdown.

According to the blog post, the Google Plus data that was potentially exposed included names, email addresses, occupations, date of birth, profile photos and genders. The company has said it hasn't found any evidence that the exposed data was misused or inappropriately accessed by any third party. "Ultimately it will be up to users to proactively monitor how their data is used and what applications have access to that data by using strong passwords and carefully reviewing access requests prior to using an app like Google+", she added.

Google does not yet have a lead EU Supervisory authority, as the breach apparently happened before the EU's new privacy law, the General Data Protection Regulation, was implemented. No developer exploited the vulnerability or misused data, the company's review found. Google claims that they didn't tell its users because they believed that without sufficient information on who was hacked, they found it wouldn't be useful to identify the public on the matter.

"We discovered and immediately patched this bug in March 2018", Ben Smith, the company's vice president of engineering, wrote. The issue reportedly affected users on the site between 2015 and March 2018. The company did not check up with any of the developers of the aforementioned 438 apps.

US Unemployment Rate Drops To 3.7 Percent, Lowest Rate Since 1969
Friday's report revised August's count of new jobs from 201,000 to 270,000, while July's tally was revised from 165,000 new jobs. Ambulatory healthcare services added 10,300 jobs in September, while nursing and residential care facilities added 3,400 jobs.

On Monday, the company announced that it was shutting down its social network, Google+, which was the source of the flaw. Users have to provide "explicit permission" in order for them to gain access to it.

When you hit that, Google will let you know what you're about to do and give you options to get more details about the implications of deleting your account.

Call logs and SMS permissions will no longer be sent to developers, while contact interaction data won't be accessible via the Android Contacts API. Users (whoever they might be) have had plenty of time to download and migrate their data before the platform's final days arrive in August of next year.

Such apps include email clients, backup and productivity services, Smith said.

What's more, Google says these apps will have to agree to new rules around handling Gmail data and will be subject to 'security assessments'. An internal Google memo said that if it reported the issue, it would result in Google "coming into the spotlight alongside or even instead of Facebook despite having stayed under the radar throughout the Cambridge Analytica scandal".

Like this: