Google+ To Shut Down After Privacy Bug

A Google+ security breach gave outside developers access to the private data of hundreds of thousands of the social network's users between 2015 and March 2018, according to a Wall Street Journal report.

Alphabet Inc, Google's parent company, said about 5,00,000 Google+ accounts were potentially affected by a bug that may have exposed their data to external developers. However, many were quick to point out the announcement came after The Wall Street Journal reported the bug and said Google opted not to disclose it to avoid regulatory scrutiny and reputational damages.

The Wall Street Journal's Douglas MacMillan and Robert McMillan report that Google was anxious about public perception and regulatory scrutiny, and that Google wanted to avoid comparisons with Facebook, which at the time was dealing with its own data privacy scandal.

Google found and patched the hole this March and an engineering team had briefed CEO Sundar Pichai on the issue along with its prposed intention to not disclose the vulnerability for fear of government investigation and loss of public trust.

However, Google says that there is no evidence that any third-party developers were aware of the bug or abused it. Others include limiting what sorts of data that can be collected per transaction when users share their Gmail accounts and phone numbers.

Webroot senior threat research analyst Tyler Moffitt says, "Although it seems that Google has shut down an entire line of business due to this breach, from a GDPR perspective, the company appears to have gotten off lightly".

Google is shutting down the consumer version of Google+ because the social media network isn't worth maintaining, the company said Monday.

Google followed suit, letting outside developers access some Google+ data with users' permission.

They said the firm would now "sunset" the app, which failed to truly challenge market leader Facebook, citing "very low usage".

Google did not immediately respond to Reuters request for comment. This method will better secure third party APIs with Google services, allowing for less data to be given to outside applications.

Play Store apps will no longer be allowed to access text message and call logs unless they are the default calling or texting app on a user's device or have an exception from Google.