Still remember when they launched, forcing everyone wanting to use some random google product, to be part of that multi million failure
In the process google even outed some trans and gay around the world who just wanted to watch a youtube video.. it was fun
All 3 of their current users are reportedly very upset.
Here's the issue in brief: - IF you ever filled out a Google plus profile and - IF one of your friends filled out a Google plus profile and - IF one of your friends used his Google plus profile to log into one of 438 apps, instead of "signing in through Facebook" or "signing in through email" from 2015 until March 2018 ...your data has been breached. You didn't need to log into Google plus since inception for your data to have been affected by this. And keep in mind: your Youtube login and info is your Google Plus login and info. Because Google.
so basically if you have a filled-out facebook and linkedin page, no new data of yours is on the internet. however it is now linked to your google/youtube/whatever personaIt included static data fields such as name, email, occupation, gender and age. It did not include information from Google+ posts.
I remember when Google+ was new, and still in closed beta. Everyone I knew was excited for it, even the tech-illiterate Facebook moms and grandparents. But it was invite-only for so long that people lost interest by the time it opened to the public. In the end only a handful of my school friends signed up, and we all abandoned it after a couple weeks. Its design felt sleek and modern at the time but it wasn't that much better than Facebook. It may have failed as a Facebook replacement but it's still in heavy use among certain communities, especially tech (Linux and Android). Linus Torvalds, for example, used it as his main public-facing social media (though he seems to have stopped early this year). A lot of groups on there are thriving and are gonna be hit hard by this. Still, I was wondering if/when it would be shut down just a couple days ago. They were pushing it so hard for a while that shutting down seems like an admission of defeat, even if they abandoned their G+ centric strategy a long time ago.
It's oh so very much worse than that, though. Yeah. Because the company kept a limited set of activity logs, it was unable to determine which users were affected and what types of data may potentially have been improperly collected, the two people briefed on the matter said. The bug existed since 2015, and it is unclear whether a larger number of users may have been affected over that time. Google believes up to 438 applications had access to the unauthorized Google+ data, the people said. Strobe investigators, after testing some of the apps and checking to see if any of the developers had previous complaints against them, determined none of the developers looked suspicious, the people said. The company’s ability to determine what was done with the data was limited because the company doesn’t have “audit rights” over its developers, the memo said. The company didn’t call or visit with any of the developers, the people said. Google could also face class action lawsuits over its decision not to disclose the incident, Mr. Saikali said. “The story here that the plaintiffs will tell is that Google knew something here and hid it. That by itself is enough to make the lawyers salivate,” he said. In its contracts with paid users of G Suite apps, Google tells customers it will notify them about any incidents involving their data “promptly and without undue delay” and will “promptly take reasonable steps to minimize harm.” That requirement may not apply to Google+ profile data, however, even if it belonged to a G Suite customer. So... those of us who pay for G-suite (and have done since 2015) have had our data out in the breeze for three goddamn years and Google knew about it for six goddamn months. Alphabet's 2017 worldwide revenue was $110b. So that's a $2.2b fine.A software glitch in the social site gave outside developers potential access to private Google+ profile data between 2015 and March 2018, when internal investigators discovered and fixed the issue, according to the documents and people briefed on the incident. A memo reviewed by the Journal prepared by Google’s legal and policy staff and shared with senior executives warned that disclosing the incident would likely trigger “immediate regulatory interest” and invite comparisons to Facebook’s leak of user information to data firm Cambridge Analytica.
During a two-week period in late March, Google ran tests to determine the impact of the bug, one of the people said. It found 496,951 users who had shared private profile data with a friend could have had that data accessed by an outside developer, the person said. Some of the individuals whose data was exposed to potential misuse included paying users of G Suite, a set of productivity tools including Google Docs and Drive, the person said. G Suite customers include businesses, schools and governments.
Europe’s General Data Protection Regulation, which went into effect in May of this year, requires companies to notify regulators of breaches within 72 hours, under threat of a maximum fine of 2% of world-wide revenue. The information potentially leaked via Google’s API would constitute personal information under GDPR, but because the problem was discovered in March, it wouldn’t have been covered under the European regulation, Mr. Saikali said.