Alphabet Inc’s Google will shut down the consumer version of its failed social network Google+ and tighten its data sharing policies after announcing on Monday that private profile data of at least 500,000 users may have been exposed to hundreds of external developers.
The issue was discovered and patched in March as part of a review of how Google shares data with other applications, Google said in a blog post. No developer exploited the vulnerability or misused data, the review found.
Shares of its parent company Alphabet closed down 1 percent at $1155.92 following the latest in a run of privacy issues to hit big U.S. tech companies.
The Wall Street Journal reported here earlier that Google opted not to disclose the security issue due to fears of regulatory scrutiny, citing unnamed sources and a memo prepared by Google’s legal and policy staff for senior executives.
Google feared disclosure would invite comparison to Facebook Inc’s leak of user information to data firm Cambridge Analytica, the Journal reported, adding that Chief Executive Sundar Pichai had been briefed on the issue. Google declined to comment beyond its blog post.
Google said on Monday none of the thresholds it requires to disclose a breach were met after reviewing the type of data involved, whether it could identify the users to inform, establish any evidence of misuse, and whether there were any actions a developer or user could take to protect themselves.
Users have the right to be notified if their information could have been compromised, said Jacob Lehmann, managing director at legal firm Friedman CyZen. This is a direct result of the scrutiny that Facebook dealt with regarding the Cambridge Analytica scandal.