Google+ to shut down after vulnerability discovered that left customer data unprotected
Google+ has long been the butt of many jokes as a failed social network that refuses to die, but according to a new report from The Wall Street Journal and then an official response from Google itself, it looks like it's been home to a serious security vulnerability for three years that Google chose to not disclose to the public.
Per WSJ, a "software glitch" allowed user data to be potentially exposed to unwanted eyes from 2015 all the way through March 2018 when Google learned about it.
In other words, Google learned about the three-year-long vulnerability and chose not to say anything out of fear that it'd be bad PR.
As for what info was exposed, it's reported that "full names, email address, birth dates, gender, profile photos, placed lived, occupation, and relationship status" were all up for grabs. Info that was not exposed includes email messages, Google+ timeline posts, direct messages with other users, phone numbers and "any other type of communication data."
Shortly after this report was published, Google released its full response outlining how it plans on covering its butt and keep data safe under an initiative called "Project Strobe." The first move? Shut down Google+ for consumers. Per Google:
To make the closure of the service as seamless as possible, Google says it'll implement a "wind-down" period over the next 10 months with the goal to have everyone off Google+ and officially pull the plug by the end of August 2019. While Google+ will no longer be a consumer product, new features will be coming soon to turn it into an enterprise-focused platform.
Along with this, Google will also force app developers to provide more detailed explanations of what it intends to do with your Google Account if it's requesting access to it. Instead of seeing a single screen asking for permission to use your Google account, you'll now see individual pop-up boxes for each item an app is requesting access to with an explanation of what's being requested.
Be an expert in 5 minutes
Get the latest news from Android Central, your trusted companion in the world of Android
Lastly, Google says it'll be limiting access to its Gmail APIs and be stricter about what apps in the Play Store can access call logs and SMS permissions on Android devices. This should translate to only your default phone and texting apps having access to your call and SMS data.
Google ended its explanation of Project Strobe with the following:
Google just dodged a £4.4 billion lawsuit in the United Kingdom
Joe Maring was a Senior Editor for Android Central between 2017 and 2021. You can reach him on Twitter at @JoeMaring1.