Google’s social media platform Google+ has suffered a fresh data leak, compromising the personal information of more than 50 million users.
The tech giant responded by bringing forward the closure of the under-loved Google+ service by four months, shutting it down in April 2019 rather than August 2019 as it had planned.
In a blog post on Monday, Google said the flaw affected 52.5 million users who could have had profile information, including their name, e-mail address, occupation and age exposed to developers, even if their account was set to private.
It is the second data leak for Google+ this year, coming after the company revealed in October it had found a security flaw potentially affecting half a million users.
The first bug was discovered in March but not announced publicly for more than six months, prompting concerns around transparency. At that point the company announced it would shut down Google+ in August 2019, but after the latest breach it will now close in April for consumers and within 90 days for developers using the Google+ API .
“With the discovery of this new bug, we have decided to expedite the shutdown,” Google’s vice president of project management David Thacker said in the blog post.
Regular testing
He added: “While we recognise there are implications for developers, we want to ensure the protection of our users.”
Thacker said the leak was discovered by the company through regular testing and it was only live from 7 to 13 November before it was patched.
That means third parties could have had improper access for six days but Google said they have found no evidence the bug was exploited or data misused.
The flaw did not expose financial data, passwords or national identity numbers, Google said.