Google has confirmed that it is shutting down Google +, a social network that was launched to rival Facebook, but failed to make an impact. However, the big news is not that Google+ is finally shutting down, which seemed inevitable, but that Google hid the data leak that has compromised nearly 500,000 accounts.
According to a Wall Street Journal report, Google found the software bug in its API in March 2018, though it had existed since 2015. The company also decided against reporting the incident because it “trigger immediate regulatory interest”, adds the report. WSJ quoted from an internal memo that was reviewed by Google’s legal and policy team and took the decision not to report the problem. CEO Sundar Pichai was kept in the loop on this decision.
The report says Google was worried that making this issue public would lead to comparisons with Facebook and the Cambridge Analytica scandal.
Google finally put out a blog post highlighting the issue, but its move is likely to invite more criticism and scrutiny, especially since the company has admitted it does not even know which accounts were impacted.
An internal security team – called Project Strobe – at Google discovered the issue with Google+ and other privacy problems on products like Gmail and Android. Project Strobe carried out what Google calls a “root-and-branch review of third-party developer access to Google account and Android device data.”
It also looked at areas where developers may have been granted overly broad access, which has been a problem on Android for quite sometime. So what has happened in Google’s data leak? Here’s everything we know so far.