Google has announced via a blog post that it is to shut its social network, Google+, early after it found more user data was exposed. The bug was discovered with an update to its API for the service, the system through which third parties interact with the platfom.
The investigation is still in progress, but the company has confirmed that it affects around 52.5 million users.
Google says that it can find no evidence that the data was misused, but developers theoretically had access to information about accounts for six days before it closed the vulnrability.
The leak didn’t allow anyone to see user passwords and your account can’t be compromised by hackers directly using this information. However it does potentially give malicious users a way to use social engineering to trick users into handing over details.
As always it’s worth remembering that companies like Google won’t ask you for personal information in emails.
In a statement Google said "We’ve recently determined that some users were impacted by a software update introduced in November that contained a bug affecting a Google+ API. We discovered this bug as part of our standard and ongoing testing procedures and fixed it within a week of it being introduced".
Attempting to reassure users, it continued "No third party compromised our systems, and we have no evidence that the app developers that inadvertently had this access for six days were aware of it or misused it in any way".
Data that could, potentially, have leaked would include real names, email addresses and their age. This would have affected users even if their profile was set to private.
As such the company says it will speed up the closure of the social network, and it will now be brought forward to April 2019. Access to the APIs for the service will be closed in the next 90 days.
The company first announced a data breach in October this year. At that time the firm expected that it would close the service in August 2019.
Google didn’t inform regulators about the original leak, discovered in March. At the time the firm was concerned about attracting attention similar to that which Facebook has suffered over recent revelations about the company’s practices.
Unfortunately for Google the latest announcement comes after the introduction of strict new European rules on data. GDPR laws mean that Google could be fined as much as 4 per cent of its global turnover.
If the harshest penalty was imposed (which is very unlikely) Google could be fined as much $4 billion for the leak. While a penalty of some kind is likely, it would depend on how Google was found to have handled customer data.
For Google, the timing couldn’t be worse. CEO Sundar Pichai is due to testify before Congress tomorrow over transparency and accountability concerns.
Read More
Cybersecurity
-
Fortnite SCAMS ‘running rampant’ online
-
Iceland hit by MASSIVE cyber attack
-
Facebook logins sold on dark web for £3
-
Twitter bug leaked DMs of 3M users
Source: Read Full Article