In a blog post, Google Fellow and Vice President of Engineering Ben Smith announced the “sunsetting” (termination) of the Google+ networking service, citing “significant challenges” meeting consumer expectations. This announcement comes alongside Project Strobe, which addresses security improvements over the range of G Suite services. As part of the Project Strobe audit of Google+, the company found a bug that exposed profile fields not marked public to app developers.
Some 500,000 Google+ users had account data “potentially” compromised by a system loophole, the blog post claimed. It also claimed that it had no evidence that any app developer was aware of the bug, or that any profile data was misused. The statement was released soon after Wall Street Journal reported on the data leak yesterday. In the article, the Wall Street Journal claimed that CEO Sundar Pichai knew of the issue but chose to hide the vulnerability for fears of regulatory scrutiny.
The vulnerability occurred after an update, affecting all users who had logged in between 2015 and March 2018. The data exposed was limited to full names, email addresses, birth dates, occupation, gender, profile photos and relationships statuses. Other data, such as payment information, posts, private messages, phone numbers, or other G Suite content.
Google+ will be progressively shut down over the course of the next 10 months, although the service will remain open to enterprise users.