There is no evidence that the flaw was misused during the six days it was alive, said the tech giant

is closing down its social network + for consumers sooner than planned following the discovery of a new security issue that the data of 52.5 .

Only two months ago, Google announced that it would shut down the consumer version of Google+ in a move precipitated by a that may have leaked the data of half a million users to external developers.

A new announcement on Monday now reveals that Google has detected another (and similar) glitch that affected one of the social platform’s Interfaces (APIs), giving app developers access to users’ profile information such as names, email addresses, ages and occupations – even if their profiles were configured to remain private.

“In addition, apps with access to a user’s Google+ profile data also had access to the profile data that had been shared with the consenting user by another Google+ user but that was not shared publicly,” according to the announcement.

On the other hand, the company gave assurances that more sensitive information, such as “financial data, national identification numbers, passwords, or similar data typically used for fraud or identity theft”, was never exposed.

Discovered by Google’s own engineers, the flaw was found to have been shipped with a software update in November. It was fixed within a week, said Google, and there is no evidence that any app developer was aware of or misused the glitch during the six days it was alive.

At any rate, the discovery was enough to prompt the company to move the shutdown date of Google+ for consumers from August to April . For APIs associated with the platform’s consumer version, the kiss of death will come even sooner – within the next 90 days.

As announced in October, Google+ will continue to be available to enterprise customers.

Source link


Please enter your comment!
Please enter your name here