Google gave access to the information of hundreds a large number of Google+ users because of an API flaw showed by a report from The Wall Street Journal. As for the compensation Google is going to shut down Google+ for permanently.
The faulty API allowed the developers to get access to the public data of the users who used it. It also allowed the hackers to see the private, non-public data of other users connected to the signed up user.
There are a large number of 496,951 users and 438 apps were affected by this bug in the API.
The bug allowed the hackers to hack profile photos, email addresses, full names, birthdates, gender, occupation relationship status and place lived. No email messages, phone numbers, timeline posts, direct messages or any other type of communication data present.
The bug was there in 2015 but Google find it out in March 2018 and know decided to fix this issue. Google had a choice to notify its users but decide not to for the reason that it wasn’t legally required to and secondly, as it would draw regulatory attention towards the issue. Google may have in mind the Facebook’s Cambridge Analytica scandal so it kept it secret.
Google said that it not sure about the data being misused and it also has no way of being sure as well. The company did not ensure with any of the developers of the above-mentioned 438 apps.
Google told that the user engagement in Google+ (Google plus) has gone down and the more than 90% users remain for less than 5 minutes on the site. They just used to post their own products and go away without interacting with the contents. So Google has decided to shut down Google+ for its users.
Google also said that the company is working on improving the security in SMS, call logs and not allowing developers to access Gmail.
Here are some points to give attention:
• The security flaw existed for three years in the API.
• When Google found out about it, it silently fixed it to stay away from legalities and investigation by authorities.
• Google decided to shut down Google+ in a knee-jerk reaction when users know it.
• Android data access is being limited to app developers. Gmail add-ons access will also be restricted.