Google+ is closing its doors permanently, it was learned Monday, October 9, 2018 that there is a serious concerns about the security of personal data associated with 500,000 accounts. We learn this Tuesday that Google knew the existence of the flaw for at least 6 months – its existence dates back to 2015. Google assures that the flaw was plugged before it could be exploited, while claiming to be unable to warn users whose account has potentially been exploited.
The disorder surrounds the conditions in which Google decided to close Google+, Google has indeed announced the closure of the social network, originally thought of as a serious competitor Facebook (he has never found his audience), while revealing that a large security breach has potentially given access to personal data of 500.000 user accounts.
The firm argues that this flaw was not exploited by pirates, although it has left the possibility of doing so for several years. At the same time Google is unable to warn users whose account may have been affected, simply because the company only kept logs (diagnostic files) on Google+ for two weeks. In the absence of proven data breach, there is indeed no reporting obligation.
The bug itself allowed people with the potential to bypass the security of certain profiles and access private data such as sex, profession, name, photo or email address. Although it is serious in scope, it does not appear to be as serious as the flaw in Cambridge Analytica. Google did not use its service like Facebook to exploit the data of its users for commercial purposes – or in the case of Cambridge Analytica, elections. The scale is also far from the 80 million people affected by the case that rocked Facebook.
Google said that it found no evidence that any developer was aware of this bug or abusing the API, and found no evidence that any Profile data was misused. Google is giving a period of 10 months (by the end of August 2019) for users to transition.
Finally, the service was much less used than its competitor, and probably less likely to attract the interest of hackers. Were you on Google+? Do you regret the disappearance of the service? Share your feedback in the comments.