In October, Google announced that it will be shutting down Google+ because of a major privacy breach caused by a bug that existed since 2015. This shut down might happen sooner rather than later, as Google+ was found to have another new privacy bug. Read on to learn the full story.
Google+’s New Privacy Bug – Why The Service is Shutting Down Early
On Monday, Google said that it will shut down Google+ in April 2019. This new “end-date” is four months earlier than the date issued in October. The reason Google+’s end just got a little closer is that Google’s team found a new privacy bug. This bug gives partnered apps access to a user’s private data… again.
In a blog post, David Thacker, VP of Product Management, said that the bug came from a software update introduced in November. Google fixed the new privacy bug “within a week of it being introduced”.
Thacker went on to say “No third party compromised our systems, and we have no evidence that the app developers that inadvertently had this access for six days were aware of it or misused it in any way.” Here is what Google is planning on doing next:
“With the discovery of this new bug, we have decided to expedite the shut-down of all Google+ APIs; this will occur within the next 90 days. In addition, we have also decided to accelerate the sunsetting of consumer Google+ from August 2019 to April 2019. While we recognize there are implications for developers, we want to ensure the protection of our users.”
Official Details About the New Privacy Bug
Google made a few statements regarding this new bug that falls in-line with their investigation into it. Here they are summed up:
- The bug impacted 52.5 million users.
- The bug gave apps that request permission to “view profile information” were able to view the information even if it’s set to not-public.
- These apps also had access to data that was shared between two users, even if the data wasn’t shared publically.
- None of the data that could be used for fraud or identity theft was accessible.
- There is no evidence that this bug was ever exploited.
Google also informed its users that they will “continue to provide users with additional information, including ways they can safely and securely download and migrate their data” in order to ensure a smooth transition off of “consumer Google+.”
Some “enterprise” Google+ users were also affected. Google is currently in the process of contacting and informing those users of the bug.
Google+ and the New Privacy Bug – Final Thoughts
2018 was not a good year for Big Tech companies, especially since government officials and lawmakers finally started questioning them about their shady data-retention practices. A few weeks ago, we were all waiting to see what skeletons Facebook had in its closet. Tomorrow, it’s Google’s CEO who will be testifying in front of a congressional hearing. Hopefully, Capitol Hill will take a leaf out of the UK’s playbook and focus on getting some real answers.