The death of Google+: Social Media Platform Shuts Down Following 500,000 User Data Breach
Google has decided to shut down Google+ completely after a technical snag has been found to have caused user data breach amounting to more than 500,000 users. Google+ is an Internet-based social network owned and operated by Google. As of August 2019, the social network platform will be fully shut down. Users can download and migrate their information by then.
Ben Smith, Google Fellow and vice-president of engineering, revealed in a blog post that the platform is more suited as an “enterprise product where co-workers can engage in internal discussions on a secure corporate social network.” As such, Google plans to pitch it for businesses in the future. “Enterprise customers can set common access rules, and use central controls, for their entire organisation,” he said.
Smith revealed that in the beginning of the year, Google had introduced an initiative called Project Strobe, which looked at the operation of Google’s privacy controls, user platform engagement, and other areas. Citing that the findings show that creating and maintaining a successful Google+ product that meets consumer expectations is proving significantly challenging, Smith says Google+ will be shut down for consumers.
The blog also revealed that as part of the Project Strobe audit, Google discovered a bug in one of the Google+ People APIs, which meant that apps also had access to Profile fields that were shared with the user, but not marked as public.
The exposed data is limited to static, optional Google+ Profile fields including name, email address, occupation, gender and age not including any other data posted or connected to Google+ or any other service, like Google+ posts, messages, Google account data, phone numbers or G Suite content. While Google patched this bug in March 2018, the tech giant cannot confirm which users were impacted by this bug. However, after running a detailed analysis of more than the two weeks prior to patching the bug, Smith admitted that profiles of up to 500,000 Google+ accounts were potentially affected.
“Our Privacy and Data Protection Office reviewed this issue, looking at the type of data involved, whether we could accurately identify the users to inform, whether there was any evidence of misuse, and whether there were any actions a developer or user could take in response. None of these thresholds were met in this instance,” Smith says.
As part of Project Strobe Google is also planning to launch more granular Google Account permissions that will show in individual dialog boxes, to update their User Data Policy for the consumer Gmail API to limit the apps that may seek permission to access user consumer Gmail data, and limiting apps’ ability to receive Call Log and SMS permissions on Android devices, no longer making contact interaction data available via the Android Contacts API.
This latest news is another in the wake of a string of events surrounding user data breach, which started with the Facebook and Cambridge Analytica scandal, followed by Aadhaar’s day in Supreme Court because of data security. The Wall Street Journal even accused Google of not reporting the public of the breach in time.