Home News Google+ suffers second massive data breach

Google+ suffers second massive data breach

Google had earlier announced that it will be shutting down its social media platform Google+ for consumers by August 2019, after the disclosure of a vulnerability that exposed around 500,000 users’ personal information to third-party developers.

In a recent media statement, the California-based firm stated that it is moving the date to April 2019. The declaration came after Google+ encountered another data breach that exposed personal information of 52.5 million users. The tech giant admitted that the incident occurred due to an existing bug in its software update that was introduced in November 2018, before Google fixed it.

The flaw exploited Google’s APIs exposing users’ data, including usernames, email addresses, occupation, date of birth, age, gender, and other personal information. Google clarified that they found no evidence that any third-party developers were aware of the bug or misuse of any users’ data.

“We’ve recently determined that some users were impacted by a software update introduced in November that contained a bug affecting a Google+ API. We discovered this bug as part of our standard and ongoing testing procedures and fixed it within a week of it being introduced. No third party compromised our systems, and we have no evidence that the app developers that inadvertently had this access for six days were aware of it or misused it in any way,” the company said in a blog post.

“With the discovery of this new bug, we have decided to expedite the shut-down of all Google+ APIs; this will occur within the next 90 days. In addition, we have also decided to accelerate the sunsetting of consumer Google+ from August 2019 to April 2019. While we recognize there are implications for developers, we want to ensure the protection of our users,” Google added.

Earlier in November, Google had announced key security improvements to spruce the data protection measures of Google account users. According to Jonathan Skelker, product manager at Google, the search engine giant has been enhancing the account security by introducing a new step-by-step check-up, notifications, and JavaScript requirement.