Google discloses software bug that exposed personal data of Google Plus users
Google on Monday revealed that a software bug exposed data on as many as 500,000 users of Google Plus, the company’s social network program.
In a blog post, Vice President of Engineering Ben Smith said that the company discovered in March that a glitch was giving third-party developers access to private information like names, email addresses and occupations in some user profiles.
{mosads}“We found no evidence that any developer was aware of this bug, or abusing the API, and we found no evidence that any Profile data was misused,” Smith wrote.
The company said it would be shutting down Google Plus.
The company said as many as 438 developers had access to the information.
The Wall Street Journal, which first reported the incident, said part of the reason Google decided not to reveal the incident when it was initially discovered was because it would attract unwanted attention from regulators at a time when Facebook was facing criticism from Washington over the Cambridge Analytica scandal.
According to Smith, the Google Plus vulnerability was not damaging enough to warrant notifying the public.
“Whenever user data may have been affected, we go beyond our legal requirements and apply several criteria focused on our users in determining whether to provide notice,” he wrote. “Our Privacy & Data Protection Office reviewed this issue, looking at the type of data involved, whether we could accurately identify the users to inform, whether there was any evidence of misuse, and whether there were any actions a developer or user could take in response.
“None of these thresholds were met in this instance,” he added.
The discovery by Google came amid an effort by the company to review how much access the company gives to third-party developers creating services for its platforms.
As a result of the review, which Google dubbed Project Strobe, the internet search giant will be giving users more control over what they share with app developers and limiting third-party access to Gmail accounts as well as user phone and call logs.
The disclosure comes at at time when Google has been under the microscope in Washington for its data collection practices, market dominance and efforts to appease Chinese officials with a censored version of its search engine. Google CEO Sundar Pichai is expected to testify before the House Judiciary Committee next month at a hearing that was planned before Monday’s announcement of the compromised data.
— Updated at 7:42 p.m.
Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed. Regular the hill posts