Google+ To Shut Down After Privacy Bug

Google+ has always been the butt of many jokes as a failed social network that refuses to die, but according to a new report from The Wall Street Journal and then an official response from Google itself, it looks like it's been home to a serious security vulnerability for three years that Google chose to not disclose to the public.

Google is expected to announce the breach on Monday, as well as its plans shut down Google+, according to the Wall Street Journal. "We found no evidence that any developer was aware of this bug, or abusing the API, and we found no evidence that any Profile data was misused", the company said.

Google addressed the breach in its post saying it "discovered and immediately patched" a bug in March 2018.

Google+ will be shut down over a 10-month period, concluding in August 2019, as Google admits that it never gained the traction they had hoped. Monday's move effectively puts the final nail in the coffin of a product that was launched in 2011 to challenge Facebook and is widely seen as one of Google's biggest failures.

For Google, a data privacy reckoning may finally come as a result of a service that it admits nearly no one uses much anymore.


"Our review showed that our Google+ APIs, and the associated controls for consumers, are challenging to develop and maintain". Either way, the news casts a shadow over the Pixel event, and completely distracts from the other small but useful tweaks the company released today regarding privacy, in particular the fact that it is now rolling out more granular Google account permissions. The company did not check up with any of the developers of the aforementioned 438 apps. The bug was reported to have potentially allowed app developers to access profile data from even private accounts.

Google deliberately avoided disclosing the problem at the time, in part to avoid drawing regulatory scrutiny and damaging its reputation, according to a Wall Street Journal story that cited anonymous individuals and documents.

Google is at the centre of controversy this morning over a report of a massive user data breach that occurred previous year, with the result that they will be introducing finer grain controls to limit access to user data on the web and Android - and also shutdown Google+ for consumers. Google already had millions (if not billions) of accounts using its services, so turning it into a social media service should have been pretty easy.

Google's new policy and Gmail API access rules won't safeguard Gmail users from having their inboxes pilfered for data, but it will make it harder for an app to gain access to such data in the first place. The company says that it also will cut back on the amount of data belonging to Android and Gmail users that is available to outside developers. Over the coming months, we will provide consumers with additional information, including ways they can download and migrate their data.

  • Kara Saunders