Google+ service closure and data leaks

Google announced today that he closes the Google+ social network when company technicians found an API bug that may have exposed private data from certain profiles.

According to the company more than 500.000 are affected of Google+.google

The company said the bug was found in the Google+ People API. By default, Google+ users could give third-party apps access to their profile data. As with Facebook and the , Google+ users could allow third-party apps to obtain information from the public profile of the user's friends.

However, in a blog post, Ben Smith, Google Fellow and Vice President of Engineering, said the error allowed third-party applications to access user data that was considered private and not just public data that they were allowed to "see" Applications.

In accordance with documentation of the Google+ Profile API, profile fields store thesaurus with sensitive user information such as name, email address, occupation, gender, age, nickname, birthday, and more.

Google said it discovered the API error in March of 2018.

“We believe this happened after a change in on Google+," said Smith. The company said it found "no indication that any developer knew about the bug or abused the API." It also said it found no evidence that profile data was used.

Google said it could not determine exactly which users were affected by the particular bug because the API was designed to keep log files only for weeks. So the company could not access older data.

“However, we conducted a detailed analysis of the two weeks before the bug was patched, and from that analysis, we found that up to 500.000 of Google+," said Smith. "Our analysis showed that up to 438 applications may have used this API."

An article by the Wall Street Journal that published at the same time as the blog post on Google claims that the API error is much worse and that user data may have been leaked by 2015. According to the WSJ, the error was only discovered when Googgle technicians began examining Googgle web pages for privacy leaks while preparing the company for the EU GDPR. According to the same report, Google covered the incident rather than publish it, fearing "direct consequences from regulators."

As for Google+, the company will not mourn much for it, the service has never raised the interest of users.
Smith said Google + will be terminated in the next ten months, during which service users will be able to download their data. The service will be permanently closed in August of 2019.

_____________________

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).