by Gavin Hanson
Google announced the end of its social platform Google Plus after a Monday Wall Street Journal report detailed the cover-up of a breach that exposed users’ data.
In a breach described as “Cambridge Analytica-style” by Financial Times social media and cyber security reporter Hannah Kuchler, Google Plus user data was exposed for hundreds of thousands of users. The WSJ report indicated that for a period of three years, personal data was accessible by hackers without a single indication from Google Plus or Google’s holding company, Alphabet, that anything was amiss.
Google published a blog post Monday to explain the breach and the “sunsetting” of Google Plus.
Google Plus has been partitioned into different functions since it became clear in 2015 that the app would not be able to compete with Facebook. Though some smaller portions of Google Plus will continue on, its consumer aimed, main portion is due to shut down over the course of the coming months. “To give people a full opportunity to transition, we will implement this wind-down over a 10-month period, slated for completion by the end of next August. Over the coming months, we will provide consumers with additional information, including ways they can download and migrate their data,” Ben Smith, a Google fellow and vice president of engineering, wrote in the blog post.
The breach, which began in 2015 and remained viable until spring 2018, was hidden from public knowledge for fear that it would bring on “regulatory scrutiny and cause reputational damage” in the way Facebook’s breach did in 2018, according to the WSJ report.
Alphabet shares fell 2 percent, according to Reuters Monday.
An Application Programming Interface, or API, is the system by which apps interact with each other. It is through an API that, according to Google, personal data such as a name, email address, occupation, gender and age were accessible where it should not have been. Although Google claims it found no evidence of misuse of this or similar data, its blog post admits that “438 applications may have used this API,” and therefore had access to the information in these fields.
“In the coming months, we’ll roll out additional controls and update policies across more of our APIs,” Smith wrote.
– – –
Gavin Hanson is a reporter for the Daily Caller News Foundation. Follow Gavin on Twitter.