Google’s social media network Google+ is shutting down even earlier than planned after a new bug was discovered that could affect as many as 52.5 million users.
CBS San Francisco reports that Google plans to shut down its Google+ social media network earlier than previously planned after a new bug was discovered that would reveal the personal information of 52.5 million users to software developers.
Breitbart News reported in October that a previous bug in the Google+ platform gave third-party developers access to individual Google+ accounts since 2015 and Google staff were aware of the problem since March, but decided not to notify users that their personal information could be vulnerable because it would bring the company “into the spotlight alongside or even instead of Facebook despite having stayed under the radar throughout the Cambridge Analytica scandal,” according to internal company documents.
Now, in a recent blog post, Google has revealed that a new bug has left even more Google+ users vulnerable to having their personal data revealed. The blog post outlines the bug stating:
Our investigation into the impact of the bug is ongoing, but here is what we have learned so far:
- We have confirmed that the bug impacted approximately 52.5 million users in connection with a Google+ API.
- With respect to this API, apps that requested permission to view profile information that a user had added to their Google+ profile—like their name, email address, occupation, age (full list here)—were granted permission to view profile information about that user even when set to not-public.
- In addition, apps with access to a user’s Google+ profile data also had access to the profile data that had been shared with the consenting user by another Google+ user but that was not shared publicly.
- The bug did not give developers access to information such as financial data, national identification numbers, passwords, or similar data typically used for fraud or identity theft.
- No third party compromised our systems, and we have no evidence that the developers who inadvertently had this access for six days were aware of it or misused it in any way.
The company claims to have fixed the bug within a week of discovering it. Previously Google planned to shut down Google+ in August 2019 after the discovery of the initial data breach relating to the social media service, now the company plans to shut down the service in April 2019. API access for developers is also expected to be shut down within the next 90 days.