A massive data breach of Google+ has prompted Google to shut down the largely unsuccessful social platform.
Google got hacked and didn’t tell anyone, at least according to documents discovered by a new Wall Street Journal (WSJ) report. Last Spring, the company’s Google+ social network was hacked but Google failed to report the data breach to regulatory authorities. Up to 500,000 Google+ accounts were breached by a software bug that allowed third-party developers’ apps to access profiles of users.
Internal documents discovered by the WSJ suggest Google failed to report the breach because they feared regulatory scrutiny and reputational damage. Google’s legal and policy team wrote an internal memo expressing fear that a privacy scandal would ensue if they reported the breach. The memo warned senior executives that the scandal the news would generate would not only trigger regulatory intervention; it would be on a large scale similar to Facebook’s Cambridge Analytica data scandal.
Google Says It Found No Evidence That Third-Party App Developers Misused Google+ Data
The Wall Street Journal report stated that Google first became aware of the Google+ security bug in March but failed to act. The internet giant may have relied on its terms of service policy which states that the company chooses when to inform users of privacy breaches based on factors such as security bugs in question, types of data breached, identification of users to notify, credible proof of misuse, and responsive actions that users can apply to mitigate or prevent a breach among others. Google said in a blog post it chose to delay reporting the Google+ security bug based on these considerations.
The company revealed that a total 438 third-party apps accessed Google+’s API, but found no proof yet that any developer misappropriated the private data they accessed. Google stated that up to 500,000 Google+ users may have had their names, emails, dates of birth, profile photos and gender information exposed. The data breach did not, however, expose users’ phone numbers or personal communication.
Over 90% of Google+ Users Engage With the Social Network for Less Than 5 Seconds
As a direct response to this incident, Google said they are closing Google+ down over the next 10 months. G Suite business customers will still be able to access and use the enterprise version of the social network. Shutting down Google+ is unlikely to significantly affect Google since the platform has failed to gain any real traction since its launch in 2011. Google said user engagement with Googe+ is less than 5 seconds on average.
Following the news of the privacy breach, Google’s shares dropped by over 2 percent to $1134.23, though it regained its position a few hours later. Google is not the only internet giant to have taken a hit from data breach in recent months; Facebook and Twitter among other top technology giants have been hit. In the EU, Google was slammed with a $5 billion fine for antitrust abuse of Android, its main mobile operating system.