Google+ shutting down following security bug

Kelley Robertson
October 9, 2018

It opted not to report it, "in part because of fears that doing so would draw regulatory scrutiny and cause reputational damage".

"Our review showed that Google+ is better suited as an enterprise product where co-workers can engage in internal discussions". "We found no evidence that any developer was aware of this bug, or abusing the API, and we found no evidence that any Profile data was misused".

Google will shut down the consumer version of its social network Google+ after announcing data from up to 500,000 users may have been exposed to external developers by a bug that was present for more than two years in its systems. And in a dramatic move, the company has announced that it is shutting down Google+ for consumers. Google is updating the Google Play Developer Policy to make protect this information.

Google+ has been largely forgotten for a few years now, not just by its users, but also by the team that had been working on the platform.

It was referring to application programming interface software for the social network.

According to the WSJ report, Google executive leadership did know about the bug yet made a decision to not report it immediately due to concerns over regulatory scrutiny.


The data breach was revealed by the Wall Street Journal today, and it wasn't long before Google published a detailed blog post outlining its own findings and the action it is taking.

Shares of its parent company Alphabet Inc, however, were down in response to what was the latest in a run of privacy issues to hit big United States tech companies. And last month, Facebook disclosed that attackers exposed information on almost 50 million users. "FINALLY", tweeted David Byttow, a former Google engineer. It's perhaps another case of arrogant Google's do-as-we-say, not-as-we-do approach to technology and life.

"Going forward, consumers will get more fine-grained control over what account data they choose to share with each app", Google said.

The company acknowledged that as part of the Project Strobe audit, "we discovered a bug in one of the Google+ People APIs".

Google can not confirm which users were specifically impacted by this bug. The company said however, that the information that was accessible consisted of a user's name, email address, occupation, gender and age. The bug was reported to have potentially allowed app developers to access profile data from even private accounts. But many people complained that they didn't know anyone on Google+. "Whenever user data may have been affected, we go beyond our legal requirements and apply several criteria focused on our users in determining whether to provide notice", he says. "None of these thresholds were met in this instance", wrote Ben Smith, a Google vice president of engineering.

Other reports by

Discuss This Article

FOLLOW OUR NEWSPAPER