Google+ is shutting down on April 2nd due to security vulnerabilities
Google is closing its social network on 2 April, the report from the company confirms. As a result, all pages and users' accounts will be deleted. The closure is planned earlier than expected because of “challenges involved in maintaining a successful product that meets consumers' expectations.” However, it is more than obvious that it is also related to the security vulnerabilities that have potentially exposed data of more than 52 million users worldwide.
Back in December, Google was saying that the closure date is planned in August 2019 and made sure to confirm that users need to back their important data. However, the company has recently revealed their decision to perform the shutdown earlier.
According to the official plan of these events, the start of the shutdown is planned in February, when users will be no longer able to create new Google+ profiles. Then, by March 7th, the deletion of related comments starts. Google+ sign-in buttons will be replaced with Google sign-in buttons. On April 2nd, all accounts, and pages will be shut down and content deleted from the platform.
Security vulnerabilities that caused the final shutdown of the platform
Between 2015 and March 2018, Google+ had been exposing the personal data of more than 500 000 people. The vulnerability was patched in March 2018, but the company didn't disclose the security issue for more than six months.
According to the company, this issue was discovered during an internal audit performed by Project Strobe. The main goal of this audit was to examine access to users data from Google accounts by third-parties. Unfortunately, due to the security vulnerability, the third parties were allowed to reach the information which was marked as private.
The vulnerability revealed information like email address, age, gender, images or even the relationship status. Developers weren't aware of the fact that more than 440 applications on the Google Plus social network had access to this API, as Google said back in October 2018.
At the time, Ben Smith, vice president of engineering, wrote:
The review did highlight the significant challenges in creating and maintaining a successful Google+ that meets consumers' expectations. Given these challenges and the very low usage of the consumer version of Google+, we decided to sunset the consumer version of Google+.
One of the most significant data breaches of 2018
Closing the social network is a huge step for a company dealing with a massive data breach. However, having in mind that Google+ has always been struggling with users' traffic, this is not a surprise. At the moment, the social network is barely alive – the most of users' sessions last less than five seconds.
Luckily to Google, this is not the most significant event related to the leaked users' information. There have been numerous cases when companies denied data breaches and officially revealed only the less significant incidents or keep the whole vulnerability to themselves to avoid scrutiny.
Although most of these events include direct hacks, companies also tend to encounter data breaches due to security holes in their system. These unfortunate events are expected to make companies more aware of the cybersecurity and more protective of their data during 2019.