On Monday, The Wall Street Journal reported that Google exposed the private data of hundreds of thousands of Google+ users, from 2015 through early 2018. Before patching it, Google ran an analysis and found that up to 500,000 Google+ accounts were affected.
The profile data that was exposed included full names, email addresses, birth dates, gender, profile photos, places lived, occupation and relationship status; it didn't include phone numbers, email messages, timeline posts, direct messages or any other type of communication data.
Although Google discovered and patched the potential data leak in March 2018, the company initially opted not to publicize it. The company initially closely connected Google+ with a number of other Google products, including YouTube, Hangouts and even search.
Google is shutting down its Google+ social network.
"Going forward, consumers will get more fine-grained control over what account data they choose to share with each app", Google said. The Wall Street Journal reports the company didn't reveal what had happened "in part because of fears that doing so would draw regulatory scrutiny and cause reputational damage".
In a memo viewed by WSJ that was sent to senior executives, including CEO Sundar Pichai, Google's legal and policy staff stated that disclosing the incident would trigger "immediate regulatory interest".
Epidemiologist warned someone not to do a flu shot
Officials say that there are over 168 million vaccines that can help patients not to die from the 2018-2019 season of flu. Those with compromised immune systems should talk to their physician about whether a flu shot is appropriate.
While Google says there is no clear misuse of profile data that occurred as a result of this breach, MacMillan of the Journal says it raises questions about the company's commitment to user privacy.
As Google only keeps two weeks of API logs for its Google+ service, it was impossible for them to determine if the bug was ever misused.
Google says that 90 per cent of Google+ user sessions lasted for less than five seconds.
Google admits that Google+ has failed to achieve broad consumer or developer adoption since its introduction. "Given these challenges and the very low usage of the consumer version of Google+, we chose to sunset the consumer version of Google+". Mr. Smith, however, announced that Google will not be shut down immediately. Up to 438 applications on Google Plus had access to this API, though Google said it has no evidence any developers were aware of the vulnerability.
The company, however, can not confirm which users were affected by the bug when it was active from 2015 to 2018.