Following a review of third-party apps’ access to accounts, Google has made the decision to shutdown the Google+ social platform.
Vice President of Engineering Ben Smith published a blog post yesterday revealing that almost 500,000 users’ information was available to view, even if they’d marked it as private.
Only one of Google’s APIs was affected, but developers that were connected to it could have accessed personal information.
This information included name, gender, age, address, email and occupation. However, Google strongly stressed that other data, such as posts, private messages and phone numbers, was still secure.
Furthermore, Smith emphasised that there was no evidence to suggest developers were aware of this error or abused it. Therefore, he is confident that no data was misused.
Google only keeps its API logo data for two weeks to try and protect it. As the fault was first detected and patched in March 2018 there is no way to confirm which accounts were vulnerable.
However, it is known that 438 application developers use the API in question and would have had the opportunity to abuse just under half a million users’ data.
Google also found that there was very limited user interaction on Google+. Approximately 90% of user sessions lasted for less than five seconds.
Ben Smith wrote: “The review did highlight the significant challenges in creating and maintaining a successful Google+ that meets consumers’ expectations. Given these challenges and the very low usage of the consumer version of Google+, we decided to sunset the consumer version of Google+.”
The shut down will have a transition period of about ten months, so it is expected that the platform will be completely unavailable by August 2019.
Read more here.