Google says that they have found yet another bug which impacted 52.5 million users in connection with a Google+ API and will now shut the app in April 2019 instead of August 2019.
Google is preponing the shut down of it’s social network Google+ and will now be sunsetting the consumer version of the platform and its APIs in April 2019. Originally planned to be discontinued in August 2019, the platform has been hit by yet another bug, forcing the tech company’s hand to take this step. Launched with an ambition to counterweight the growing popularity of Facebook in 2011, the project didn’t take off as expected. Google+ joins the company’s instant messaging app Allo, which will discontinue in March next year.
“We’ve recently determined that some users were impacted by a software update introduced in November that contained a bug affecting a Google+ API. We discovered this bug as part of our standard and ongoing testing procedures and fixed it within a week of it being introduced. No third party compromised our systems, and we have no evidence that the app developers that inadvertently had this access for six days were aware of it or misused it in any way,” David Thacker, Vice President, Product Management, G Suite said in a blog post. Google says that the significant challenges involved in maintaining a successful product that meets consumers’ expectations, as well as the platform’s low usage are also the reasons why it is expediting the shut down process.
Google also says that with the discovery of this new bug, it has also decided to expedite the shut down of all Google+ APIs and this will occur within the next 90 days. “While we recognise there are implications for developers, we want to ensure the protection of our users,” Thacker added. The tech giant says that its testing revealed that a Google+ API was not operating as intended. It fixed the bug promptly, began an investigation into the issue and has found that the bug impacted approximately 52.5 million users in connection with a Google+ API.
Due to this bug, the apps that requested permission to view profile information that a user had added to their Google+ profile (like their name, email address, occupation, age etc) were granted permission to view profile information about that user even when set to not-public. “In addition, apps with access to a user's Google+ profile data also had access to the profile data that had been shared with the consenting user by another Google+ user but that was not shared publicly,” the executive noted.
The company also claims that the bug did not give developers access to information such as financial data, national identification numbers, passwords, or similar data typically used for fraud or identity theft. “No third party compromised our systems, and we have no evidence that the developers who inadvertently had this access for six days were aware of it or misused it in any way. We have begun the process of notifying consumer users and enterprise customers that were impacted by this bug. Our investigation is ongoing as to any potential impact to other Google+ APIs,” Thacker added.