- Google revealed that it is shutting down its social media platform Google Plus.
- A security vulnerability was disclosed by the tech giant that is said to have affected up to 500,000 users.
- The security issue occurred in March, but Google did not reveal the data until now.
Google Plus was meant to be Google’s answer to Facebook, but the tech giant failed to get the traction it needed. Despite years of attempts to keep the platform running, a data leak that may have affected up to 500,000 users has forced the tech giant to shut it down.
The security flaw occurred in March, but Google did not reveal details about the incident until recently because the company felt no one had gained access to the user information that was potentially exposed. Moreover, Google’s “Privacy & Data Protection Office” decided it was not legally required to report the Google Plus security flaw.
The cybersecurity community was not happy about the decision to keep the issue safe. With GDPR regulations going into effect, the tech giant was finally forced to reveal details about the Google Plus security flaw. As many as 438 third-party applications may have had access to user data through vulnerability.
The Google Plus vulnerability allowed third-party developers access to names, email addresses, occupation, gender and age of users. However, messages, phone numbers, and Google Plus posts were inaccessible. After investigating, Google found out that third-party developers did not know about the security flaw.
Google Vice-President for Engineering said the company looked at the “type of data involved, whether we could accurately identify the users to inform, whether there was any evidence of misuse, and whether there were any actions a developer or user could take in response. None of these thresholds were met in this instance.”
Google also announced Project Strobe earlier today as part of the official announcement about Google Plus’s shutdown. The tech giant will be focusing on improving privacy controls and restrict third-party access to user data going forward to prevent similar data leaks in the future.