Google announced the end of Google+ on Monday (8), after a security breach that exposed information about 500,000 users. The error in the Application Program Interfaces (APIs) allowed 438 applications connected to the service to access restricted data from users, according to the company. The Search Giant is not able to specify the extent of the affected profiles, but says there is no evidence of the misuse of the information or the involvement of program developers in the case that has already been resolved.
Google, in an official statement, indicates the vulnerability of data present in static and optional fields of the social network, such as name, e-mail address, occupation, sex and age. However, it reinforces the integrity of content posted to or connected to Google+, for example, messages, Google account data, phone numbers or G Suite content. For users to adapt, the closure will take 10 months, ending in August 2019. In the coming months, the platform will provide additional information, including ways to download files and migrate data.
READ: Facebook hacked: attack hits 50 million; know everything
Security flaw in the Google+ system may have reached more than 500,000 users Photo: Divulgao / Google
Want to buy cell phones, TV and other discounted products? Meet Compare dnetc
In addition to the security threat, another factor considered for the closure of the social network was the lack of user adhesion. Low usage and engagement, with less than five seconds of activity in 90% of sessions, were also relevant. Google also admits that the internal analyzes showed a difficulty in developing and maintaining APIs and controls for those interested in the platform.
The company's investigations on the subject began in early 2018, with the launch of the Strobe Project, in order to review the access of outsourced developers to Android accounts and devices. In addition to the policy of obtaining data via apps. With this investment, it was possible to detect the bug in March this year and correct it immediately, according to the statement. They believe the breach was possible because of a defect in the software update at the time. However, the case only reached the public today, with the official pronouncement on the Google blog.
It is worth mentioning that the European Union's General Data Protection Regulation (GDPR) requires technology companies to report problems with personal data breaches within 72 hours of detecting what happened. Except in cases where there is no risk to users' rights and freedom. However, the Search Giant chose to "analyze the type of data involved, whether identification of affected users was possible, whether there was any evidence of misuse and whether there was any that a developer or user could do in response. None of these limits have been met in this instance ".
The company decided to redirect investments in Google+ to corporate activities, with the launch of new resources, and information to be released in the coming days.
How to remove virus from Google Chrome browser? Find out in the dnetc forum.
Little-known Google Maps functions
