New Google+ API Bug Affects 52 Million Consumers and Enterprise Customers

cageymaru

Fully [H]
Joined
Apr 10, 2003
Messages
20,995
A new Google+ API bug has been discovered and it affects 52 million consumers and enterprise customers. Google discovered the bug and believes that no app developers knew of or exploited the system in the 6 days that the bug was present. This discovery has made Google rethink the August 2019 shutdown date for Google+. A decision has been made to expedite the shutdown of the social media service to April 2019.

The consumer version of Google+ will be sunsetting in 90 days. Although the bug shared information that may have been set to not-public, it didn't share information such as financial data, national identification numbers, passwords, or similar data typically used for fraud or identity theft. We reported on the first security breach and closing of Google+ earlier this year.

With respect to this API, apps that requested permission to view profile information that a user had added to their Google+ profile--like their name, email address, occupation, age (full list here)--were granted permission to view profile information about that user even when set to not-public. In addition, apps with access to a user's Google+ profile data also had access to the profile data that had been shared with the consenting user by another Google+ user but that was not shared publicly.
 

Exavior

[H]F Junkie
Joined
Dec 13, 2005
Messages
9,700
Nobody remembers Google+ is a think so of course nobody exploited the bug. That would be like a bug being introduced in a new update for windows phones and nobody exploited it.
 

WhoMe

Gawd
Joined
Jan 3, 2018
Messages
827
What I was wondering is if it's going to be shut down so soon, why is anyone still developing for it?
 

lostin3d

[H]ard|Gawd
Joined
Oct 13, 2016
Messages
2,043
Marriott, Quora, Google+. So is that over 200+ million(not taking into account overlapping names/accounts) in just over two weeks? If we added all the known breaches in 2018 together would that be over half a billion? Just wondering.
 
Joined
Oct 27, 2014
Messages
535
Marriott, Quora, Google+. So is that over 200+ million(not taking into account overlapping names/accounts) in just over two weeks? If we added all the known breaches in 2018 together would that be over half a billion? Just wondering.

It's almost as if... nvm.
 

Jagger100

Supreme [H]ardness
Joined
Oct 31, 2004
Messages
7,696
Affects 52 million consumers, of which 3 actually noticed.
People have a google+ account and don't know it and no real good reason why they should. I would doubt less that a few milliion of the 52 million know they have a google+ account. Signing up for youtube for a while got you a google+ account and a few other services as well.
 

HockeyJon

[H]ard|Gawd
Joined
Dec 14, 2014
Messages
1,588
People have a google+ account and don't know it and no real good reason why they should. I would doubt less that a few milliion of the 52 million know they have a google+ account. Signing up for youtube for a while got you a google+ account and a few other services as well.

For sure, that was pretty much the only way Google was getting any “users”.
 

ManofGod

[H]F Junkie
Joined
Oct 4, 2007
Messages
12,617
Yet, I would imagine, without a Google Plus is tied into your Google account and therefore, I would guess the Google account itself is affected.
 
Top