Google reportedly exposed the personal data of about 500,000 users of the Google+ platform. Potential misuse of personal data by outside or third-party developers may have existed for years due to a bug. Adding insult to injury Google decided to conceal the error to avoid the consequences, according to the Wall Street Journal.
The parent company of Google, Alphabet, responded by announcing that it would shut down the Google+ platform and operations. Known to many as G+ and launched in 2011 as a social media competitor to Facebook. The project was never embraced by social media users and has been mostly defunct for years. Shares of Alphabet fell roughly 1 percent in response to the story and the closure of G+.
"Our Privacy & Data Protection Office reviewed this issue, looking at the type of data involved, whether we could accurately identify the users to inform, whether there was any evidence of misuse, and whether there were any actions a developer or user could take in response," Google said of the error in a statement to VOA News. "None of these thresholds were met in this instance."
According to WSJ the bug allegedly became active in 2015 and was only found and shut down by Google in March of this year. Google confirmed that the bug was found in March 2018 but would not speculate or say when it became active.
The WSJ report says that it reviewed an internal memo circulated through the legal staff and senior executives of Google Allegedly Google legal team and executives were warned of "immediate regulatory interest." Public comparisons to Facebook’s user information leak to Cambridge Analytica was a significant concern should the breach become public. The Cambridge Analytica
The leaked memo allegedly said that while Google could not find evidence that the exposed data had been misused, it also could not prove that misuse did not happen.
Google’s CEO Sundar Pichai was informed of the decision not to reveal the breach or to notify users after an internal committee had already made the decision not to disclose the bug or the breach.
The breached data exposed Full names, email addresses, birthdays, occupational data, gender and other personal information like places lived. Phone numbers, email message contents and other related communications and date were supposedly not exposed.
Google has since stated that it was restricting what data that outside developers would be able to access.
This story comes less than two weeks from the September 25, 2018 data breach by Facebook. That breach affected 50 million or more users.
In March 2018 the Cambridge Analytica, a UK company, harvested the data of 87 million Facebook users. CA is a data mining, harvesting, and data analysis operation.