Google discovered a software glitch that gave outsiders potential access to private profile data, and consequently shuttered its consumer Google+ site.
The company cannot confirm which users’ data were impacted. According to Google, a software glitch in the social site could allow outside developers to potentially access private profile data from up to 500,000 accounts from 2015 through March 2018.
The company didn’t disclose to its customers the data breach for fear of damaging its reputation as well as facing a potential for a regulatory inquiry, according to The Wall Street Journal.
Google immediately patched the bug when it discovered it as part of the Project Strobe audit in March 2018.
Commenting on the glitch and response in a blog post, Google noted that their Privacy & Data Protection Office reviewed the issue and “is looking at the type of data involved, whether we could accurately identify the users to inform, whether there was any evidence of misuse, and whether there were any actions a developer or user could take in response. None of these thresholds were met in this instance.”
The company added that it decided to sunset the consumer version of Google+ due to the significant challenges in creating and maintaining it and its very low usage.