Google+ is shutting down, and it is not because of the usual crazy Google way of killing its own products. It is because of a massive data breach.
What happened to cause this?
A report by The Wall Street Journal says that Google+ had a bug which enabled third-party developers, to view private data from Google+ profiles belonging to users. This included the following information:
- Full names
- Email addresses
- Birth dates
- Gender
- Profile photos
- Places lived
- Occupation
- Relationship status
According to the report, 496,951 users were affected, and up to 438 applications had access to the data. The important factor here, is that this data is not normally available to developers, without the user's permission. This data breach lasted for a good 3 years, from 2015 to March 2018, which was when Google discovered the issue, and patched the security vulnerability.
Google claims that there is no evidence that any of the data was actually used by the developers, because it has limited logs. The worrying point however, is that some of the accounts belong to G Suite users (paying customers of Google Docs and Google Drive), which include Governments, Businneses and Schools.
So, why is Google+ is shutting down?
Let’s call a spade a spade. Google+ never took off. The social network was launched to take on Facebook, but did not manage to create any real impact. Google+ is being shutting down, in the wake of this massive data breach, as part of some privacy and security measures which the company will be announcing for its services.
The bigger problem with the Google+ leak
What could be worse than users having their data stolen? Users not being aware that the incident had happened. And yet, that is exactly what Google did. The search giant hid the data breach by keeping quiet, hoping nobody would discover it.
Here is an excerpt from the WSJ report:
Google+ social network and then opted not to disclose the issue this past spring, in part because of fears that doing so would draw regulatory scrutiny and cause reputational damage.
The company arrived at this decision, after an internal committee comprising of senior executives from the Google's Privacy and Data Protection Office, were worried that disclosing the breach, would tarnish the company’s image, just like what happened to Facebook with the user data leak in the Cambridge Analytica scandal. In other words, it was trying to cover up the issue, to try and save face. Not only that, Google was also worried about legal issues, and “immediate regulatory interest” from security agencies/Governments. And of course, there is the obvious fact Google may have been looking at the issue impacting its share prices, which could plummet and in turn result in Millions of Dollars worth of losses.
Google doesn’t care about user privacy, it never has. Earlier this year, it was discovered that Google had allowed third-party email apps, some of whom read the mails, to improve their own system’s algorithms. The company of course denied that this had been misused, but you should know better. Google might be looking at facing class action lawsuits over the Google+ data breach.