Breaking News Emails
Get breaking news alerts and special reports. The news and stories that matter, delivered weekday mornings.
Google said on Monday that hundreds of thousands of people who used its Google+ social network may have been affected by a security flaw that the company says it discovered and fixed in March.
The flaw meant some Google+ profile information that users had thought was private, such as a person’s email address, occupation, gender or age, could have been viewed by third parties, the company said in a post on a corporate blog.
Though Google found the vulnerability seven months ago, it did not tell the public at the time.
The company said that was because it could not accurately identify which users to inform, whether there was any misuse or whether there were any actions a developer or user could take in response.
vCard.red is a free platform for creating a mobile-friendly digital business cards. You can easily create a vCard and generate a QR code for it, allowing others to scan and save your contact details instantly.
The platform allows you to display contact information, social media links, services, and products all in one shareable link. Optional features include appointment scheduling, WhatsApp-based storefronts, media galleries, and custom design options.
The Wall Street Journal reported that Google’s legal and policy staff also prepared a memo warning that disclosing the incident would likely trigger “immediate regulatory interest” and invite comparisons to Facebook’s leak of user information to data firm Cambridge Analytica.
The central issues in the Google+ flaw and in Facebook’s Cambridge Analytica scandal were potentially similar: how much data third-party apps had access to, and whether users were aware of that level of access.
So far, Google said it has found no evidence that profile data was misused or that any developer was aware of the flaw. Facebook has said that up to 87 million people had their data harvested by Cambridge Analytica.
Google did not immediately respond to a request for comment on the report.
The security flaw will mean the end of Google+ for consumers, the company said. Google launched the service in 2011 as a challenge to Facebook but noted in its blog post on Monday that Google+ “has not achieved broad consumer or developer adoption.”
“The consumer version of Google+ currently has low usage and engagement: 90 percent of Google+ user sessions are less than five seconds,” the company said.
Low usage combined with the security challenges mean Google will wind down Google+ over the next 10 months, although it will continue to provide the service to businesses.
Google said it launched an effort at the beginning of the year called Project Strobe designed to review how other apps connect to Google’s services, and that it was making other changes as a result. It said it would add “more granular” screens for granting permission to access data, and was adding new limits to the data that third-party apps can use.