It’s not often that a security breach will result in a company, especially a massive entity like Google, shutting down a major service. And yet, that is exactly what’s happening with Google+ in the wake of the company’s latest data scandal.
This is not to say this incident was the sole determinant in this decision. But it probably proved a compelling final straw. After all, Google has already been the subject of other recent privacy breaches, including one involving 4 million people’s data compromised.
As for this newest vulnerability, Google+ exposed the highly personal data of hundreds of thousands of users between 2015 and March 2018. And it was only in March that Google discovered it, thanks to a third party audit.
This time, however, that wasn’t the real story. The real story was what decided to do, or not do, next. Concerned about perception and regulations, specifically that they would have a similar situation on their hands as Facebook did with Cambridge Analytica, Google made the ill-advised choice not to disclose the issue. These instructions came in a memo cited by the Wall Street Journal.
So here we are. A social networking platform from a major company, shuttered. It cannot be understated how misguided Google’s decision was to keep this incident hidden until now. Truly, one of the most egregious and irresponsible actions I’ve ever seen as far as cybersecurity goes.
Oh, and about that earlier breach of 4 million users, it also came to light this week that a lawsuit that had been filed was blocked by London’s High Court. The legal action claimed Google had used an iPhone privacy flaw to collect data such as health, political affiliations, finances, and more. The company argued there was insufficient evidence and no way to determine who had been affected—an argument that prompted the judge to deny the plaintiffs’ motion.
There are plans to appeal, but I have to say, for Google being so concerned about their public image, this probably wasn’t the very best week for them.