Google+ will now shut down four months early
Goggle has faced another vulnerability; its last release in November introduced an API bug that was active for about 6 days, impacting 52.5 million users. Google has therefore decided to shut down the consumer version of the social network four months earlier than it originally planned. Additional APIs' access to the network will shut down within next 3 months.
As per Google, this vulnerability impacted 52.5 million users, who could have had their profile information like their name, email address, occupation, and age exposed to developers, even if their account was set to private. Apps could also access profile data that had been shared with a specific user, but was not shared publicly. In addition apps with access to a user's Google+ profile data also had access to the profile data that had been shared with the consenting user by another Google+ user but that was not shared publicly.
In October, a similar Google+ vulnerability was revealed to have exposed private user data to developers for as long as three years. The bug was first discovered in March, but not publicly disclosed until October, resulting in significant transparency concerns. In response, Google announced plans to shut down the consumer version of Google+, which had long struggled to attract users. This time around, Google says it discovered the leak on its own and it was live for just six days — between November 7th and November 13th.
“With the discovery of this new bug, we have decided to expedite the shut-down of all Google+ APIs; this will occur within the next 90 days,” reads the blog post, penned by David Thacker, Google’s vice president of project management. “In addition, we have also decided to accelerate the sunsetting of consumer Google+ from August 2019 to April 2019. While we recognize there are implications for developers, we want to ensure the protection of our users.”
Google discovered the bug as part of its standard testing procedure and says there is “no evidence that the app developers that inadvertently had this access for six days were aware of it or misused.” Google says it’s begun notifying users and enterprise customers who were impacted by the bug.
“We understand that our ability to build reliable products that protect your data drives user trust,” Thacker wrote. “We have always taken this seriously, and we continue to invest in our privacy programs.” Google still plans to continue operating Google+ as an enterprise product for companies that subscribe to its G Suite service.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.