/pcq/media/agency_attachments/L8pkS8gpnodJThOdAfv1.jpg)
Follow Us/pcq/media/post_banners/wp-content/uploads/2018/02/Google.jpg)
According to a report, Google had discovered a “software glitch” earlier this year that allowed third-party developers to access 500,000 private profile data since 2015. The data the were accessible included “full names, email addresses, birth dates, gender, profile photos, places lived, occupation and relationship status.”
What’s even worse is that Google found out about this breach earlier in March 2018 and decided not to disclose the breach in public.
What is Google doing about this?
Google has announced that it will be shutting down Google Plus for consumers between now and August due to “significant challenges” to maintaining a social network
It also said that it had found no evidence that outside developers were aware of the security flaw and no indication that any user profiles were touched. The flaw was fixed in an update made in March.
Besides this, Google is also implementing several additional security features for its services which includes:
- Limiting the types of apps that are permitted to access Gmail
- Limiting apps’ ability to receive Call Log and SMS permissions on Android devices
- No longer making contact interaction data available via the Android Contacts API.
Comments from Ankush Johar, Director at Infosec Ventures - an organisation that provides complete infrastructure security solutions for commercial and government clients of all sizes.
Although this vulnerability has just been announced by Google, it is not known for how long it has been out in the open. It is possible that certain malicious hackers might already be exploiting this since time unknown. Privacy today is an Urban Legend and time after time such revelations simply prove the same.
Security of an individual is in his own hands and the only way to stay secure is to simply assume that no matter how you are communicating, someone, somewhere is already snooping on it and hence act accordingly.
Comments from Manish kumawat, Director at Cryptus Cyber Security Pvt Ltd, an organisation that provides Cyber Security Services, Corporate Training to the govt. & Private organisations.
Third party apps can access Google+ users' private profiles, which meant to be shared only with friends. It might be possible Black hat hackers were using this vulnerability to collect the data of users. This is like the same thing which happened with the Facebook, Third party company apps of Cambridge Analytica company collecting users data. Google said, “it was unable to confirm which accounts were affected by the bug, but an analysis indicated it could have been as many as 500,000 Google+ accounts.”
It has decided to shut down the Google+ platform, So users can delete their profile asap because of Google is not taking interest to make it continue. Nowadays everyone has the profile at social media, so black hat hackers finding critical vulnerability in the social media platform so that they can breach their data and privacy, so users should be using private privacy if they can.