Google Plus Shutting Down: Breach Discovered Shared Private Data with Apps

Google made an announcement about user privacy Monday that came as a bit of a surprise to some of its account holders.

Users who are a fan of Google Plus learned Monday that the service that came to be used as a social network within Google was going to be shut down. The reason Google gave for shutting down the platform was that, "There are significant challenges in creating and maintaining a successful Google Plus product that meets consumers' expectations."

The company said it came to this conclusion after conducting a review of the third-party developer apps that build off of its platform. The review was part of what Google calls Project Strobe, "a root-and-branch review of third-party developer access to Google account and Android device data and of our philosophy around apps' data access," according to a release post from Google.

Project Strobe revealed a bug in the Google Plus People API that put some user information at risk. The bug made information that users thought wasn't publicly visible available to 438 apps that used the specific API. The information that was shared included occupation, gender and email address. Google said it "patched" that bug immediately after it was discovered in March 2018 and estimates that upwards of 500,000 user accounts were impacted.

In addition to eliminating Google Plus, the company said it also plans to make it easier for users to see what of their information is available to an app in an easier more accessible way. The company is also going to change the cases in which it's acceptable for an app to "seek permission to access your consumer Gmail data," said a post from Google on Project Strobe.

Google's announcement about the review the company conducted of its own platform, the company also announced changes in policy that would go into effect January 9, 2019. Those policies will focus on the Gmail APIs and are meant to help further assure the security of user accounts.

Those new policies will focus on appropriate access, data use, data security and information necessity, meaning granting apps only the information completely needed to implement an app. Developers will need to submit their products for review by February 22 of 2019 and must be compliant with the new policies by that time.

"Our goal is to support a wide range of useful apps, while ensuring that everyone is confident that their data is secure. By giving developers more explicit rules of the road, and helping users control your data, we can ensure that we keep doing just that," said the post from Google.

google +
A visitor types on a laptop computer at the Google stand the day before the CeBIT 2012 technology trade fair officially opens to the public on March 5, 2012, in Hanover, Germany. Google announced Monday that it discovered a flaw in its Google Plus platform in March. Sean Gallup/Getty Images