Google+ was launched in 2011 as an attempt to launch a social network competitor to Facebook. The platform was integrated with other popular Google services, including YouTube. Although Google+ attracted some initial interest, user engagement quickly dropped and has remained consistently low ever since.

In October 2018, Google announced that the social network would be shut down, following a Wall Street Journal report which found that the company kept quiet a security breach first identified in March, which potentially exposed the personal data of half a million users. An anonymous source speaking to the Wall Street Journal claimed that senior Google staff had not disclosed the vulnerability due to concern about reputational damage, new regulation and CEO Sundar Pichai being required to testify before Congress (despite Google’s best efforts, Pichai is due to address Congress today).

Yesterday, Google announced that it had identified a second bug during regular testing, following a software update. The latest bug, which affects a Google+ API, affected approximately 52.5 million people and lasted for six days. Much like the previous bug disclosed, this could have allowed developers to access private profile data, including age, occupation, username and email addresses. However, Google has reassured users that there is no evidence that the bug was exploited or even noticed by third parties and that the bug did not expose users’ passwords or financial data. The flaw has since been patched.

Following the discovery of this second bug, Google has decided to shut down its ailing social network in April 2019, rather than August 2019 as previously planned. API access for developers will be closed within the next 90 days.

“We understand that our ability to build reliable products that protect your data drives user trust,” Google said in a statement. “We have always taken this seriously and we continue to invest in our privacy programmes to refine internal privacy review processes, create powerful data controls and engage with users, researchers and policymakers to get their feedback and improve our programmes.”

Google+ for enterprise will remain open as planned, with enterprise customers warned if they could have been affected by the bug.

Google+ was launched in 2011 as an attempt to launch a social network competitor to Facebook. The platform was integrated with other popular Google services, including YouTube. Although Google+ attracted some initial interest, user engagement quickly dropped and has remained consistently low ever since.

In October 2018, Google announced that the social network would be shut down, following a Wall Street Journal report which found that the company kept quiet a security breach first identified in March, which potentially exposed the personal data of half a million users. An anonymous source speaking to the Wall Street Journal claimed that senior Google staff had not disclosed the vulnerability due to concern about reputational damage, new regulation and CEO Sundar Pichai being required to testify before Congress (despite Google’s best efforts, Pichai is due to address Congress today).

Yesterday, Google announced that it had identified a second bug during regular testing, following a software update. The latest bug, which affects a Google+ API, affected approximately 52.5 million people and lasted for six days. Much like the previous bug disclosed, this could have allowed developers to access private profile data, including age, occupation, username and email addresses. However, Google has reassured users that there is no evidence that the bug was exploited or even noticed by third parties and that the bug did not expose users’ passwords or financial data. The flaw has since been patched.

Following the discovery of this second bug, Google has decided to shut down its ailing social network in April 2019, rather than August 2019 as previously planned. API access for developers will be closed within the next 90 days.

“We understand that our ability to build reliable products that protect your data drives user trust,” Google said in a statement. “We have always taken this seriously and we continue to invest in our privacy programmes to refine internal privacy review processes, create powerful data controls and engage with users, researchers and policymakers to get their feedback and improve our programmes.”

Google+ for enterprise will remain open as planned, with enterprise customers warned if they could have been affected by the bug.