[ad_1]
<div _ngcontent-c15 = "" innerhtml = "
Yesterday, Google became the last technology giant to admit a potential data breach after a software bug in the user information on the Google+ social network.
Despite the disclosure of data belonging to hundreds of thousands of users, Google chose not to disclose details, fearing to damage its reputation, according to an article in The Wall Street Journal.
So, what happened exactly?
Between 2015 and March 2018, external developers could potentially access personal Google+ profile data due to a software problem on the site. When the flaw was discovered, Google decided not to warn users of the social network. An internal memo warned that disclosure of the leak would result in "regulatory interest" and lead to comparisons with Facebook following the Cambridge Analytica scandal.
Users can grant access to their profile data to Google+ apps through the API. The bug meant that applications also had access to profile fields shared with the user, but not marked as public. Google indicates that this data is limited to "optional Google+ static profile fields," including name, email address, occupation, gender, and age. Technology giant says: "This does not include other data you've published or connected to Google+ or any other service, such as Google+ posts, messages, Google account data, phone numbers or the content of G Suite. "
However, since Google keeps the API log data for only two weeks, it can not confirm the users affected by this bug. After doing a "detailed scan" in the two weeks before the bug was fixed, Google thinks the profiles of 500,000 Google+ accounts could potentially be affected.
Google claims to have found "no evidence that a developer was aware of this bug or misuse of the API," adding, "We have found no evidence that profile data has been misused ".
What should I do now?
Google+ is not a popular social network. However, many users have created accounts that have joined their other Google products, such as Gmail. If, like most people, you have not used the service, you will not lose your time now to close it.
You can find your account by logging into your Gmail account. Once you have opened Google+, go to "Settings" on the left side. If you scroll down, there is an option to delete your account. You will be prompted to log in and will be asked again if you are sure you want to leave. Google will ask you the reason for your departure. The last option is, curiously, "I do not know who can see my data".
Is this problem solved?
According to Google, yes. In March 2018, the problem was solved by the internal investigators. However, this will degrade Google's trust at a time when large tech companies are already under scrutiny from regulators and end users.
Is the violation impacted by the GDPR?
Google's reaction to this violation of user data shows that companies will be slow to avoid public scrutiny, which in this case has turned against him. However, as the problem was discovered and resolved before March 2018, Google can not be held liable for the fines provided for in the update of the European Data Protection Regulation (GPR) corresponding to 4% of the figure. ;business.
It should also be noted that the number of potentially compromised accounts – 500,000 – is below the figure of 50 million originally announced by Facebook. Google+ had few users, which in this case worked to his advantage.
What is Google doing right now?
In a blog, the company announced that it will annul Google+ to consumers and instead offer business service. It also strengthens its security and privacy measures throughout the Google suite. He says, "In the coming months, we will roll out additional controls and update policies on more of our APIs. In this case, we will work with our developer partners to give them the time to adjust and update their applications and services. "
The company is launching more granular Google account permissions that will appear in individual dialogs. For example, it states: "When an application prompts you to access your Google Account data, we always ask you to view the data it has requested and you must grant it explicit permission."
The company adds, "Our goal is to support a wide range of useful applications, while ensuring that everyone is confident that their data is secure. By giving developers more explicit rules of the road and helping users control your data, we can ensure that we continue to do so. "
What does this tell us about how technology companies are using and protecting data?
After Facebook hacking was revealed only last month, confidence is at its lowest level. Technology companies collect huge amounts of user data, but their security measures are often cruelly inadequate.
Technology is supposed to make life easier for people, but all too often companies that collect data do not clearly explain how they use it and do not protect it from hackers.
">
Yesterday, Google became the last technology giant to admit a potential data breach after a software bug in the user information on the Google+ social network.
Despite the disclosure of data belonging to hundreds of thousands of users, Google chose not to disclose details, fearing to damage its reputation, according to an article in The Wall Street Journal.
So, what happened exactly?
Between 2015 and March 2018, external developers could potentially access personal Google+ profile data due to a software problem on the site. When the flaw was discovered, Google decided not to warn users of the social network. An internal memo warned that disclosure of the leak would result in "regulatory interest" and lead to comparisons with Facebook following the Cambridge Analytica scandal.
Users can grant access to their profile data to Google+ apps through the API. The bug meant that applications also had access to profile fields shared with the user, but not marked as public. Google indicates that this data is limited to "optional Google+ static profile fields," including name, email address, occupation, gender, and age. Technology giant says: "This does not include other data you've published or connected to Google+ or any other service, such as Google+ posts, messages, Google account data, phone numbers or the content of G Suite. "
However, since Google keeps the API log data for only two weeks, it can not confirm the users affected by this bug. After doing a "detailed scan" in the two weeks before the bug was fixed, Google thinks the profiles of 500,000 Google+ accounts could potentially be affected.
Google claims to have found "no evidence that a developer was aware of this bug or misuse of the API," adding, "We have found no evidence that profile data has been misused ".
What should I do now?
Google+ is not a popular social network. However, many users have created accounts that have joined their other Google products, such as Gmail. If, like most people, you have not used the service, you will not lose your time now to close it.
You can find your account by logging into your Gmail account. Once you have opened Google+, go to "Settings" on the left side. If you scroll down, there is an option to delete your account. You will be prompted to log in and will be asked again if you are sure you want to leave. Google will ask you the reason for your departure. The last option is, curiously, "I do not know who can see my data".
Is this problem solved?
According to Google, yes. In March 2018, the problem was solved by the internal investigators. However, this will degrade Google's trust at a time when large tech companies are already under scrutiny from regulators and end users.
Is the violation impacted by the GDPR?
Google's reaction to this violation of user data shows that companies will be slow to avoid public scrutiny, which in this case has turned against him. However, as the problem was discovered and resolved before March 2018, Google can not be held liable for the fines provided for in the update of the European Data Protection Regulation (GPR) corresponding to 4% of the figure. ;business.
It should also be noted that the number of potentially compromised accounts – 500,000 – is below the figure of 50 million originally announced by Facebook. Google+ had few users, which in this case worked to his advantage.
What is Google doing right now?
In a blog, the company announced that it will annul Google+ to consumers and instead offer business service. It also strengthens its security and privacy measures throughout the Google suite. He says, "In the coming months, we will roll out additional controls and update policies on more of our APIs. In this case, we will work with our developer partners to give them the time to adjust and update their applications and services. "
The company is launching more granular Google account permissions that will appear in individual dialogs. For example, it states: "When an application prompts you to access your Google Account data, we always ask you to view the data it has requested and you must grant it explicit permission."
The company adds, "Our goal is to support a wide range of useful applications, while ensuring that everyone is confident that their data is secure. By giving developers more explicit rules of the road and helping users control your data, we can ensure that we continue to do so. "
What does this tell us about how technology companies are using and protecting data?
After Facebook hacking was revealed only last month, confidence is at its lowest level. Technology companies collect huge amounts of user data, but their security measures are often cruelly inadequate.
Technology is supposed to make life easier for people, but all too often companies that collect data do not clearly explain how they use it and do not protect it from hackers.