Google will close its social networks as part of a review of the information it shares with third parties
Google announced its decision to shut down Google+, designed to compete with Facebook, after it discovered a security vulnerability that exposed the private data of up to 500k users of the service, as reported by experts in digital forensics from the International Institute of Cyber Security.
When the company staff discovered the flaw last march, they decided not to disclose the problem publicly, as there were no signs of affected users, the company said in a statement at the beginning of the week.
This decision could violate the new laws of California and Europe, specifically the paragraphs concerning the deadlines for revealing security incidents. In its statement, Google said that its “office of privacy and data protection” decided that the company was not obliged to report the security problem.
“Google looked at the type of data involved and it would not in any way directly compromise Google+ users”, said Ben Smith, vice president of Google Engineering.
Up to 438 applications may have been compromised, but Google reported that it had not found evidence that external developers were aware of the security flaw and there was no indication that user profiles were used incorrectly.
According to specialists in digital forensics, the incident could attract more external research, and even mentioned the possibility that the United States Congress call to appear to Sundar Pichai, CEO of Google.
Earlier this year, Facebook admitted that Cambridge Analytica, a British research organization that had worked for Trump’s campaign, had unduly accessed personal information from up to 87 million Facebook users. Mark Zuckerberg, executive director of Facebook, spent two days testifying at US Congress hearings about that incident and other issues related to the privacy of its users.
The decision to close Google+ is part of a comprehensive review of how much user information shares Google with third-party developers.
According to specialists in digital forensics, Google is limiting the applications that can work with Gmail, the company’s email service, and restricting the amount of data that developers can access through Android, the software for Google smartphones.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.