Google today has began to fully disclose info on the security problem it first discovered in March.
One of the APIs that helps people share their account profiles with others through Google+ was inadvertently left open for apps to access. Google says about 438 apps had the ability to access user data, including name, email address, occupation, gender, and age, for a lengthy period of time.
As far as Google knows, none of the 438 apps were aware of or used the security hole to take user data. Google believes the public profile data of about 500,000 people was left exposed, though not accessed. Google patched the bug immediately in March, but chose not to reveal this information to the public for fear of regulatory reprisal.
Google also says Google+ has seen traffic diminish significantly, with 90% of sessions lasting less than five seconds. Due to the security lapse and the low usage, Google has chosen to sunset Google+.
Consumers will have 10 months, through August 2019, to download their data before Google+ is turned off permanently.
Google+ initially hoped to be a social networking alternative to Facebook. It later scaled back the service with a focus on businesses and groups.
