The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: Google Plus

Google+ to Shut Down Early After New API Flaw Hits 52.5 Million Users

Google+ to Shut Down Early After New API Flaw Hits 52.5 Million Users

December 10, 2018Mohit Kumar
Google today revealed that Google+ has suffered another massive data breach, forcing the tech giant to shut down its struggling social network four months earlier than its actual scheduled date, i.e., in April 2019 instead of August 2019. Google said it discovered another critical security vulnerability in one of Google+'s People APIs that could have allowed developers to steal private information on 52.5 million users, including their name, email address, occupation, and age. The vulnerable API in question is called "People: get" that has been designed to let developers request basic information associated with a user profile. However, software update in November introduced the bug in the Google+ People API that allowed apps to view users' information even if a user profile was set to not-public. Google engineers discovered the security issue during standard testing procedures and addressed it within a week of the issue being introduced. The company said
Google+ is Shutting Down After a Vulnerability Exposed 500,000 Users' Data

Google+ is Shutting Down After a Vulnerability Exposed 500,000 Users' Data

October 08, 2018Swati Khandelwal
Google is going to shut down its social media network Google+ after the company suffered a massive data breach that exposed the private data of hundreds of thousands of Google Plus users to third-party developers. According to the tech giant, a security vulnerability in one of Google+'s People APIs allowed third-party developers to access data for more than 500,000 users, including their usernames, email addresses, occupation, date of birth, profile photos, and gender-related information. Since Google+ servers do not keep API logs for more than two weeks, the company cannot confirm the number of users impacted by the vulnerability. However, Google assured its users that the company found no evidence that any developer was aware of this bug, or that the profile data was misused by any of the 438 developers that could have had access. "However, we ran a detailed analysis over the two weeks prior to patching the bug, and from that analysis, the Profiles of up to 500,00
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.