New Google+ API Bug Affects 52 Million Consumers and Enterprise Customers

cageymaru

Fully [H]
Joined
Apr 10, 2003
Messages
22,062
A new Google+ API bug has been discovered and it affects 52 million consumers and enterprise customers. Google discovered the bug and believes that no app developers knew of or exploited the system in the 6 days that the bug was present. This discovery has made Google rethink the August 2019 shutdown date for Google+. A decision has been made to expedite the shutdown of the social media service to April 2019.

The consumer version of Google+ will be sunsetting in 90 days. Although the bug shared information that may have been set to not-public, it didn't share information such as financial data, national identification numbers, passwords, or similar data typically used for fraud or identity theft. We reported on the first security breach and closing of Google+ earlier this year.

With respect to this API, apps that requested permission to view profile information that a user had added to their Google+ profile--like their name, email address, occupation, age (full list here)--were granted permission to view profile information about that user even when set to not-public. In addition, apps with access to a user's Google+ profile data also had access to the profile data that had been shared with the consenting user by another Google+ user but that was not shared publicly.
 
Nobody remembers Google+ is a think so of course nobody exploited the bug. That would be like a bug being introduced in a new update for windows phones and nobody exploited it.
 
What I was wondering is if it's going to be shut down so soon, why is anyone still developing for it?
 
Marriott, Quora, Google+. So is that over 200+ million(not taking into account overlapping names/accounts) in just over two weeks? If we added all the known breaches in 2018 together would that be over half a billion? Just wondering.
 
Marriott, Quora, Google+. So is that over 200+ million(not taking into account overlapping names/accounts) in just over two weeks? If we added all the known breaches in 2018 together would that be over half a billion? Just wondering.

It's almost as if... nvm.
 
Affects 52 million consumers, of which 3 actually noticed.
People have a google+ account and don't know it and no real good reason why they should. I would doubt less that a few milliion of the 52 million know they have a google+ account. Signing up for youtube for a while got you a google+ account and a few other services as well.
 
People have a google+ account and don't know it and no real good reason why they should. I would doubt less that a few milliion of the 52 million know they have a google+ account. Signing up for youtube for a while got you a google+ account and a few other services as well.

For sure, that was pretty much the only way Google was getting any “users”.
 
Yet, I would imagine, without a Google Plus is tied into your Google account and therefore, I would guess the Google account itself is affected.
 
Back
Top