A new security breach has hit Google+. After revealing in October that a vulnerability had exposed the personal data of half a million accounts, Google has just revealed the existence of another bug which this time has affected 52.5 million users.
As a result, Google+, Google’s unsuccessful attempt to found a social network competitor to Facebook, will ultimately shut down in April 2019 instead of August.
Data exposed for six days
What happened this time? “We recently determined that some users were affected by a software update introduced in November that contained a bug affecting a Google+ API. », Explains David Thacker, VP of Products for G Suite, in a blog post. This allowed applications requesting it to have access to personal data (name, email address, age, profession) even if the settings were on private. Google, however, claims that developers have at no time had access to financial data, national identification numbers, passwords or other data generally used to commit cyber fraud or identity theft.
The data was still exposed for six days. However, according to Google, nothing indicates that the bug introduced at the time of an update of the computer program was exploited or even detected by someone other than the company’s teams.
The American company indicated that it would warn potentially affected users but also that it would provide them with the information necessary to save and migrate the data deposited on Google+ to another service. We can note that unlike the previous flaw, which Google was aware of in March but revealed the existence in October, the company has this time chosen to communicate earlier. A small step forward for users who have had to endure the lack of transparency of several Tech companies in recent months.