Second Google+ API vulnerability admitted, network shutdown sped up

Google+, the longtime also-ran social media network, is closing before its initially promised August deadline.

In October, The Wall Street Journal had reported that a vulnerability in its developer APIs had allowed third-party apps to obtain personal details such as date of birth, email address and employer. Subsequently, Google announced for its own reasons — low usership or otherwise — that it would close in 10 months.

Today, Google has once again commented on its The Keyword blog, saying that it had found an API bug —separate from the bug the Journal was told about from sources — only last month. The bug had an estimated impact on 52.5 million accounts, but the company said it was confident that data was not abused.

The company patched the security hole within a week of its discovery. Since then, it has also decided to expedite the sunsetting of Google+ APIs, resulting in the consumer version of Google+’s shutdown coming in April 2019.

Google has consistently maintained that Google+ for enterprise would go on operating and that customers would be notified of who in their organization is affected by the bug.

Google is also due to shut down its Allo consumer chat app and the legacy version of Hangouts in favor of alternative solutions.

Correction: An earlier version of this article stated that Google had only admitted to the bug revealed in October. Pocketnow regrets the error.

Share This Post

Watch the Latest Pocketnow Videos

About The Author
Jules Wang
Jules Wang is News Editor for Pocketnow and one of the hosts of the Pocketnow Weekly Podcast. He came onto the team in 2014 as an intern editing and producing videos and the podcast while he was studying journalism at Emerson College. He graduated the year after and entered into his current position at Pocketnow, full-time.