Google will shut down its social network after a massive security hole for years allowed user profile data to be accessed.
Turns out, Facebook is not the only tech giant to suffer a heavy body blow over user data security. This time, it is the almighty Google, or, more precisely, its not-so-popular social network called Google+.
Those who used the product have had personal data exposed to malefactors since 2015, according to a Wall Street Journal report cited by TechCrunch. When a user allowed an app access to their public profile data, the bug allowed the app to also grab non-public profile fields, including full names, email addresses, birth dates, gender, profile photos, places lived, occupation and relationship status.
The total amount of users endangered by the bug is reported to be 496,951.
The security hole was only discovered and plugged by Google this March, the report reads, but the company decided not to go public with the breach, as it was exactly same time as the notorious Facebook/Cambridge Analytica scandal was unraveling.
Going public with a bug finding would have led to Google "coming into the spotlight alongside or even instead of Facebook despite having stayed under the radar throughout the Cambridge Analytica scandal," an internal memo cited by TechCrunch read.
Curiously, mere minutes after WSJ published their report on the data leakage, Google made an announcement that they would close Google+ in the next 10 months, allowing users to export their data, and then switch G+ to an enterprise product. This is one of a series of measures taken following the Project Strobe security audit. Besides closing their social network, Google will rework security rules, including restricting third-party developers from accessing phone SMS data, call logs and some contact info.
Project Strobe provides eyebrow-raising statistics, including that 90 percent of Google+ interactions took less than five seconds. Apparently, the only interaction the vast majority of users ever had with the social network is pushing a button to close login dialog windows.
"This review crystallized what we've known for a while: that while our engineering teams have put a lot of effort and dedication into building Google+ over the years, it has not achieved broad consumer or developer adoption, and has seen limited user interaction with apps," the Project Strobe report reads.
In an attempt to control the damage, Google specifically stated that the bug did not allow perpetrators access to messages or posts made by users. The company also claimed that they "found no evidence that any developer was aware of this bug, or abusing the API" and that they "found no evidence that any Profile data was misused," writing "no evidence" in bold, twice.
According to TechCrunch, Google is likely to avoid the 2 percent of global annual revenue fine for failing to disclose the issue within 72 hours. However, the website reads, the company might still face lawsuits and public backlash.
Google stayed above much of the Facebook- and Twitter-centered scandals of recent months, partially by claiming that G+ is "not really a social network," TechCrunch reads. Although this time the company might end up testifying before Congress, just like Facebook's Mark Zuckerberg.