In recent times the security of user data on social networks has been the order of the day, and for the worst reasons. In fact, there have been several scandals involving practices that are not advisable on the part of these entities. Now we have another case, this time involving the Google+ social network.
First of all, it is important to contextualize the Google+ presence in this environment. The Mountain View company’s social network emerged in 2011 as a response to Facebook and Twitter. However, its popularity has never reached the levels of previous ones, making it a niche social network.
If his image was no longer the most favorable within the community, much less after the news today. As reported by the company itself, Google+ has a security breach that compromised the data of several users.
This information was first reported by The Wall Street Journal and later confirmed by Google itself. In both cases we have the same information, however, with some variations.
Google+ did not secure data for about 500,000 users
In fact, the failure involved compromised part of the data for about 500,000 Google+ accounts. The compromised data includes names, emails, ages, gender, and occupations when they should remain private.
Although the injured users defined in their accounts that such information should not be visible to the public, this was not fulfilled. Anyone who visited the injured profiles would have access to this information.
However, Google is not aware that this vulnerability has been used maliciously. There is no evidence that third parties have had access to the API in question and thereby removed malicious use of the data. Still, it is a failure of compromise between the company and its users.
Still according to the news that is known, this failure was operational between 2015 and 2018. It was not until the spring of this year that the person responsible for Google+ became aware of it.
The reasons that led to this news being released only today are that they differ from source to source. On one hand we have The Wall Street Journal claiming that Google did not disclose this flaw for fear of scrutiny by regulators and damage to its reputation.
On the other hand, the company of Mountain View says that this was due to the speed in its correction – about two weeks – and by the non existence of evidence of the malicious use of this vulnerability.
As a result of this scandal, the US company has announced that the Google+ consumer side will be closed in the coming months. We are not sure which parts of the social network will be kept alive.
This closure process will be phased in. Therefore, everything should be properly closed in August of next year.