Google+ bug exposed data of 52 million users – platform to shut four months early
Google’s social media platform Google+ has suffered a fresh data leak, compromising the personal information of more than 50 million users.
The tech giant responded by bringing forward the closure of the under-loved Google+ service by four months, shutting it in April 2019 rather than August as it had originally planned.
In a blog post on Monday, Google said the flaw affected 52.5 million users who could have had profile information like their name, email address, occupation, and age exposed to developers, even if their account was set to private.
It is the second data leak for Google+ this year, coming after the company revealed in October it had found a security flaw potentially affecting half a million users.
The first bug was discovered in March but not announced publicly for more than six months, prompting concerns around transparency.
At that point the company announced it would shut down Google+ in August but after the latest breach it will now close in April for consumers and within 90 days for developers using Google+ API .
“With the discovery of this new bug, we have decided to expedite the shut-down,” Google’s vice president of project management David Thacker said in the blog post.
He added: “While we recognise there are implications for developers, we want to ensure the protection of our users.”
Mr Thacker said the leak was discovered by the company through regular testing and it was only live from November 7-13 before it was patched.
That means third parties could have had improper access for six days but Google said they have found no evidence the bug was exploited or data misused.
The flaw did not expose financial data, passwords, or national identity numbers, Google said.