Google announced that it is going to shut down its social media network Google+ for consumers in the next 10 months. The declaration comes after the disclosure of a vulnerability that exposed around 500,000 users’ personal information to third-party developers. The services of Google+ for enterprise customers will remain active.
According to a report from the Wall Street Journal, the security flaw exposed the private Google+ profile data in 2015. Google resolved the flaw in March 2018, but did not reveal it to the public due to regulatory issues.
The tech giant admitted that the flaw in Google’s APIs did expose users’ data, including usernames, email addresses, occupation, date of birth, profile photos, and gender-related information. The bug allowed around 438 third-party developers to access the users’ data, but Google clarified the users that there is no evidence of misuse of the data by any of the developers.
“We found no evidence that any developer was aware of this bug or abusing the API, and we found no evidence that any profile data was misused,” said Ben Smith, the vice-president of engineering.
Defending the company’s decision, Smith said, “Whenever user data may have been affected, we go beyond our legal requirements and apply several criteria focused on our users in determining whether to provide notice.” Smith added that they are providing ways to the consumers to download or migrate their data from Google+ till August 2019.