Digital Privacy: “Google Hid Major Google+ Security Flaw that Exposed Users’ Personal Information”
UPDATED (October 11, 2018) Senators Asks Google To Explain Delay In Disclosing Vulnerability (via Reuters)
From Reuters:
Alphabet Inc’s Google said on Monday up to 500,000 Google+ user accounts were potentially affected by a bug that may have exposed their data to external developers, and the company is shutting down the social network for consumers.
[Clip]
Google opted not to disclose the issue partly due to fears of regulatory scrutiny, the Wall Street Journal reported
Read the Complete Article (via Reuters)
From The Verge:
The news, originally reported by The Wall Street Journal ahead of Google’s announcement, means that Google+ profile information like name, email address, occupation, gender, and age were exposed, even when that data was listed as private and not public. However, Google says that it has no evidence to suggest any third-party developers were aware of the bug or abused it. The bug appears to have been active between 2015 and 2018.
Read the Complete Article
From Bloomberg
The company found no evidence the information was misused by any developers, Smith said. A spokeswoman for Google didn’t immediately return a request for further comment.
Read the Complete Article
From TechCrunch:
Since the bug and subsequent security hole started in 2015 and was discovered in March before Europe’s GDPR went into effect in May, Google will likely be spared a 2 percent of global annual revenue fine for failing to disclose the issue within 72 hours. The company could still face class-action lawsuits and public backlash. On the bright side, G+ posts and messages, Google account data and phone numbers, and G Suite enterprise content wasn’t exposed.
The fiasco could thrust Google into the same churning sea of scrutiny currently drowning Facebook, just as the company feared.
Read the Complete Article
Direct to WSJ Article Cited in Both Story (Subs Only)
UPDATE: Statements/Updates From Google
Project Strobe: Protecting Your Data, Improving Our Third-Party APIs, and Sunsetting Consumer Google+
&
Providing a Safe And Secure Experience For Our Users
&
More Granular Google Account Permissions with Google OAuth and APIs
Filed under: Data Files, News, Patrons and Users
About Gary Price
Gary Price (gprice@gmail.com) is a librarian, writer, consultant, and frequent conference speaker based in the Washington D.C. metro area. He earned his MLIS degree from Wayne State University in Detroit. Price has won several awards including the SLA Innovations in Technology Award and Alumnus of the Year from the Wayne St. University Library and Information Science Program. From 2006-2009 he was Director of Online Information Services at Ask.com.