Author: Cameron Summerson / Source: How-To Geek
Earlier this year, Google started a project to review third-party developer access to Google accounts through the use of APIs. It found a security breach surrounding Google+, and is now shutting the service down, at least for consumers.
The long and short of the issue is that there was a security hole that allowed third-party developers to access Google+ users’ account data, including name, email address, occupation, gender, and age—even if the account was set as private.
. This isn’t particularly sensitive data, but regardless, a breach is a breach.The bug was discovered in March of 2018, but was presumed to have been open since sometime in 2015. To make matters slightly more troubling, Google only keeps this particular API’s data log for two weeks…so the company has no way of knowing which users were affected. Presumably, however, some 500,000 users were on the list.
As a bit of a bright side, however, there was no evidence that any developer was even aware this bug existed, despite 438 applications using the API. Similarly, there was no evidence that any profile data was stolen, sold, or otherwise misused. That’s good, I guess.
The bug was patched two weeks after it was initially discovered (Google took two weeks to analyze the data before patching the hole), but has now decided to shut…
The post Google+ is Dead, Survived By Better Privacy Controls appeared first on FeedBox.