Google exposed personal data of nearly 500,000 and didn't disclose it

Alfred Osborne
October 11, 2018

Google is shutting down its Google+ social network for consumers after discovering-and, for seven months, not disclosing-a bug that could have exposed private data for up to 500,000 users since 2015.

The post says that a bug discovered in one of the Google+ People APIs allowed users to can grant access to their profile data, and the public profile information of their friends, to Google+ apps, via the API. "None of these thresholds were met in this instance".

The company is also stressing its commitment to security - now offering "more fine-grained control" of what account data Google users share with third-party apps.

Google found and patched the hole this March and an engineering team had briefed CEO Sundar Pichai on the issue along with its prposed intention to not disclose the vulnerability for fear of government investigation and loss of public trust. Google ran an internal test and found that as many as 496,951 users may have had their data compromised, according to the Wall Street Journal.

"The consumer version of Google+ now has low usage and engagement: 90 percent of Google user sessions are less than five seconds", the company said.

Hurricane Michael intensifying, forecast to become Category 4 by landfall
Currently, Michael is located 295 miles south of Panama City, Florida, and 270 miles south-southwest of Apalachicola, Florida. It is expected to become a Category 3 storm by the time it makes landfall on the Florida Panhandle sometime Wednesday.

Borderlands 2 gets PSVR treatment
Plus, lust after procedurally-generated shields, grenades, relics, class mods and more for maximum power and mayhem! In any case, you can expect to play Borderlands 2 on PSVR when it launches on December 14th.

Ind. bride takes wedding photos alone after fiancé killed
Murphy was one of five firefighters from IN honored at the National Fallen Firefighters Memorial Service on Sunday IN Washington. The town of Montgomery also honored Kendall, deciding to light several buildings-including the Montgomery Fire Station and St.

Gmail add-ons available to consumers starting next year will be barred from selling user data and be subject to a third-party security assessment that will cost them about $15,000 to $75,000, Google said.

Those who are very panicked may find solace in the fact that Google did state that the firm only keeps API log data for two weeks. Google is finally killing its awful social network Google+. However, Google claims to have no evidence that suggests that any external developer or app had access to the data. In the aftermath of what appears to have been a major security flaw within Google+, the company ended up not disclosing the breach of information to its users.

Google is also likely to roll out several other gadgets, including a new version of its "smart" Home speaker, a rumoured tablet with a detachable keyboard and an update to its Chromecast streaming device, based on media leaks. Google declined to comment beyond its blog post.

David C. Vladeck, former director of the FTC's Bureau of Consumer Protection and now a Georgetown Law professor, said the new Google+ incident is "obviously a problem for Google".

Other reports by

Discuss This Article

FOLLOW OUR NEWSPAPER