Much earlier than planned Google is making its social network Google Plus dense, namely already this April, instead of only in August, as it had been intended first. The reason: The company has discovered a new data breach.
Information from around 52.5 million users had been affected, said Google. In the process, software developers would have had access to names, e-mail addresses, age and employment via the interface to Google Plus (API), even though these data should remain private. The gap has lasted for six days and Google has no evidence that developers have exploited or even discovered.
Google announced in October that Google Plus had a vulnerability since 2015 that allowed app developers to access their name, email address, and employment, gender and age information. At that time, however, Google only spoke of 500,000 potentially affected user accounts. The similar new gap, which met however much more accounts, had been introduced in November with a software update, it was said now. The interfaces for software developers will now be cut within the next three months.
The GDPR - simply explained
Basic Data Protection RegulationWhat the new EU rules mean for citizens
Google was already in the criticism, because the company had already discovered the first vulnerability in March and closed immediately - but did not make it public. The incident became known only through a report in the Wall Street Journal. Now Google reported the new gap just before a hearing of company president Sundar Pichai in the US Congress.
Google Plus was launched in 2011 as a competitor to Facebook, but had not been able to prevail and recently had barely active users. Google wants to continue operating a version of the corporate communications network.