In turn, this meant that nearly 500,000 users' names, email addresses, dates of birth, gender, location, occupation, and relationship status were made available to developers, all without their knowledge. It said it had no evidence that any third-party developer was aware of the bug or had misused profile data.
In weighing whether to disclose the incident, the company considered "whether we could accurately identify the users to inform, whether there was any evidence of misuse, and whether there were any actions a developer or user could take in response", he said.
Following the news that a Google Plus security breach resulted in the exposure of 500,000 people's private information, the search engine giant has said it will be shutting down its social network for consumers.
Now, after several years of speculation that it was going to be shut down, Google is bringing Google+ for consumers to an end.
In addition to "sunsetting consumer Google+", the company is making changes to APIs on its other services, which will limit the amount of access developers get to data on Android and Gmail.
"Given these challenges and the very low usage of the consumer version of Google+, we made a decision to sunset the consumer version of Google+", the company said in a statement. In addition, 438 third-party applications may have used the application programming interface, or API, that allowed possible access to the data, according to Google. The flaw exposed user data from 2015 until this past March, according to the report. That said, social media is the business where Google has failed to mark its presence.
For Gmail apps requesting permission to user data Google will only grant access to apps which 'directly enhancing email functionality-such as email clients, email backup services and productivity services (e.g., CRM and mail merge services)'.
Within hours, Google published its own report. If you don't see the downgrade page and instead see an upgrade page, you have already deleted your Google+ profile (or didn't have one).
In an unexpected blog posted today, Google revealed it was closing the rather unpopular social network Google+.
"Had this breach occurred just a few months later, Google could be subject to strict GDPR fines for not keeping user data safe".