Google+ did not succeed when it was still alive, but now that the plug has been pulled out of the social network, it still turns out to be a problem. Last October it was already clear that there was a security breach that affected half a million users. But today it turns out to be even worse.
After the first leak, it was announced that Google+ would stop. Google had decided to take it all offline in August 2019. But today it turns out that there was another leak that exposed data from 52.5 million users for apps that use the Google+ API.
The influence of the bug is great: Google has decided to take all Google+ APIs offline within ninety days. In addition, the social network will not disappear from the Internet in August, but already in April 2019. The bug existed for only six days – early November – and was related to the Google+ People API.
This API allows users to request permission to view users’ profile information. This includes information about their names, e-mail addresses, professions, gender, birthday, relationship status and gender. Developers could request that information even if the data wasn’t set to “on”. In addition, apps that had access to this data could also view profile data that was shared with the user in question, which were then also not publicly available.
Leak fast poem
Google says it has no evidence to suggest that developers have ever realized that they had access to this data. There are also no indications that the data has been misused. The error in the API was repaired within six days. It was discovered on 7 November and the leak had already been plugged on 13 November.