Following a massive data breach first reported on by The Wall Street Journal, Google announced today that it is shutting down its social network Google+ for consumers. The company finally admitted that Google+ never received the broad adoption or engagement with users that it had hoped for. In light of these newly revealed security concerns with Google+’s API, the company has opted to put it out of its misery rather than try and fix the bug that caused the data leak.
The company discovered a bug in one of Google+’s People APIs that allowed apps access to data from Google+ profiles that weren’t marked as public. It includes static data fields such as name, email, occupation, gender and age. It does not include information from Google+ posts. The bug was patched in March 2018, but Google didn’t inform users at that point. “We made Google+ with privacy in mind and therefore keep this API’s log data for only two weeks,” the company said in a blog post. “That means we cannot confirm which users were impacted by this bug.”
However, Google+ will continue as a product for Enterprise users. It’s by far the most popular use of the social network. Therefore, the company has made the decision that Google+ is better suited as an internal social network for companies, rather than a consumer product. Google will announce new Enterprise-focused products for Google+ in the near future.
The decision is a part of Project Strobe, which is Google’s internal investigation into third-party developer account access to Google and Android products. It takes a close look at security controls, as well as low user engagement that are likely due to privacy concerns. The goal is to identify areas where privacy controls should be tightened.
Developing . . .