What the Google+ Breach Means for the Company and its Users
Any type of security breach is cause for concern among both a company and its users, but failing to disclose the breach for months in an attempt to avoid bad press and other repercussions intensifies the scrutiny significantly. In March, Google discovered that a bug in the API for Google+ was making it possible for third-party app developers to obtain the data of users and their friends. As a result, Google has announced that it will be shutting down consumer access to Google+ while they work on improving their privacy protections. What does this mean for companies and users going forward?
First off, the damage. Google disclosed that the data of as many as 500,000 Google+ accounts was breached, but claimed they found “no evidence that any developer was aware of this bug, or abusing the API.” The data that was breached includes “static, optional Google+ profile fields,” such as name, email address, occupation, gender and age. Complicating matters is the fact that Google keeps the API’s log data for just two weeks, meaning they cannot confirm which users were affected.
In terms of popularity, Google+ is not one of the social media giants. Many users will have no problem shutting down their pages and moving on for good as a result of the breach. Some people may even have Google+ accounts without realizing it. If that’s the case, take the proper steps to delete your account. The breach also serves as a reminder to companies that it’s important to consistently be updating company passwords and security measures.
As for what Google plans to do next, the company announced that Google+ will no longer be available to consumers, instead turning their efforts to attracting business customers to the network. They also announced additional security measures that they hope will help them to regain users trust. “In the coming months, we’ll roll out additional controls and update polices across more of our APIs. As we do so, we’ll work with our developer partners to give them appropriate time to adjust and update their apps and services,” the company said in a blog.
The Google+ breach serves as yet another reminder that although it’s sometimes tempting to rest easy in the belief that our data is safe, that often isn’t the case. As companies and consumers, it’s important to stay alert. As for Google, they’re now saddled with the task of attempting to win back the public’s trust after not only failing to protect sensitive data, but also deciding not to immediately disclose knowledge of the breach to their users.