Although once considered to be the darling of Google executives, Google+ is shutting down after a massive data breach that was first reported by the Wall Street Journal. This move was made easier by the fact that the platform continues to lag behind other social media options in terms of engagement; the average Google+ user spends less than 4 second on their page.
The breach was discovered after the company found a bug in one of Google+’s People APIs that allowed apps access to data in Google+ profiles that was not designated as public. Static data such as a person’s name, email, occupation, gender and age all became available. However, the breach did not include information from Google+ posts. And although the bug was patched back in March 2018, Google did not let people know. Furthermore, because of Google’s attention to privacy, they only keep two weeks’ worth of log data, meaning they cannot confirm which users were impacted by the bug.
However, Google+ will continue to work for Enterprise users, which is far and away the most popular use of the social network. As a result, Google decided the service was best used as an internal social network for companies, rather than a consumer product. And the company plans to announce new Enterprise-focused products for Google+ in the near future.
This decision falls in line with Google’s Project Strobe, which is Google’s internal investigation into third-party developer account access to Google and Android products. The project’s main goal is to closely examine security controls, as well as whether or not low user engagement is the result of privacy concerns. And it hopes to identify areas where privacy controls could be strengthened and made more effective. More news will come as Google continues to reshape Google+ and address what could be the largest security breach in the company’s history.