Google+ Shuts Down After Software Bug Compromised Half A Million Accounts

By evincepanel - October 15, 2018 783 Views
Google+ Shuts Down After Software Bug Compromised Half A Million Accounts

Google has confirmed the closure of its social networking site Google+ which was launched to compete Facebook but failed miserably. However, the big news is not that Google Plus, being finally closed down, but the highlighting news is that Google has hidden the data leak report that breached nearly 500,000 accounts.

According to the report by the Wall Street Journal, Google discovered a major software Glitch its API in the March 2018 which was in existence since 2015. WSJ further quoted that the issue was reviewed by Google’s legal and policy team and decided not to report the problem. Also, the CEO of Google, Sundar Pichai, was kept in the loop on this major issue. The report further added that Google was worried about publishing this issue to the public as it could lead the comparison with Facebook and Cambridge Analytica scandal.

The issue was discovered by Google’s internal security team called Project Strobe which copes with the issues like privacy and security. The privacy issue was also reported on the products like Gmail and Android too. Project Strobe is a root branch of Google, which reviews third-party developers and their access to Google account and Android device data.

Google+ Data Breached: What’s the issue?

Right now, the most important thing is that Google+ is closing down, but only the consumer version. The commercial version will continue to exist. A review of Google + related APIs revealed serious security vulnerabilities in which a specific glitch allowed application developers to access user profile fields that were not marked as public. In essence, some application developers might access the data that are only allowed to friends and their close circles. The software bug was detected in one of the Google+ People APIs.

Google-backed with the statement that 90% of Google+ user sessions last less than five seconds, but the threat could lead serious damage as a user which hold a Gmail or Google Account automatically gets a Google+ account and many users even don’t remember that they have a G+ account.

Google on his support made a statement that only profile fields such as name, email address, occupation, gender, and age have been breached. The data published by users such as Google’s posts, messages, account information, phone numbers, or G Suite content on Google+ has not been filtered and are protected by the company.

Google admits to having a serious software API bug in March 2018 but claims to have found no misuse of data by the application developers.

Google data loss: how many users are affected?

Google mentioned that their API on the app could only record data for two weeks, which means that they cannot confirm the accounts affected by this error or not. According to the report by WSJ, it is estimated that more than 500,000 Google+ accounts have been affected.

It is possible that nearly 438 applications have used the API. The company stated that there is no evidence that any developer has noticed this error or misused the API. Also, no evidence was found for any profile data being misused by the developer,” Google said.

The company mentioned that it’s “Office of Data Protection and Privacy” investigated the glitches and found no evidence of its misuse. Because Google does not know which accounts are affected by the API bug, users also may not even know if their account’s data has been compromised or not.

Google said they are working on the issue to find the breaching source soon and to give users a better picture of the situation so that they stay protected in the future.

Google mentioned that they have decided to end the public version of the site due to its low public usage. They also point out that their “social network” need more maintenance towards security and privacy which needs a couple of months.

Google+ will start using the resources and shut down its public issue within the period of 10 months till August 2019. Consumers will get accurate information on migrating and downloading their data soon. Google+ also hold a corporate version of the site which the company says is working fine and will remain online.

Google said they have decided to focus the efforts of the company towards bringing an advanced and secured version of social networking site specifically designed for the marketplace. Comment down below what’s your thought and opinion on this and how you could remain secure from online data breaching.