Google+ may be a punchline in the social-network world, but there’s something seriously wrong with it. For the second time in as many months, Google has announced that Google+ has been hit with another data leak, and this one is way worse than the last.
According to a blog post, some 52.5 million users are affected by this latest data breach, 100X more users than the 500,000 who were exposed during the last data leak. Like last time, affected users had their name, email address, occupation, and age exposed to third-party developers, regardless of whether their account was set to private. Google blames the leak on a bug and says it was fixed within a week of being introduced.
Google says the breach was limited to personal profile information and “did not give developers access to information such as financial data, national identification numbers, passwords, or similar data typically used for fraud or identity theft.” Additionally, it is certain the bug has been patched and claims there is no evidence that developers who had access to the information misused it in any way.
In response, Google will be closing Google+ even earlier. While the company previously announced it would be closing Google+ in August as well as implementing an array of security features, it will now shutter the service in April, four months ahead of schedule. It will also sunset all Google+ APIs within 90 days.
But that’s not good enough. Google itself admits that some 90 percent of all Google+ user sessions are less than five seconds in duration, so if no one’s really using it, why not shut it down right now or at least by the end of 2018? Keeping it open at this point is dangerous to users’ private data, especially considering that both of these breaches involved users whose profiles were set to private.