[ad_1]
Another week, another data breach. But this time, it was not Facebook that we were all talking about.
What happened?
Earlier this week, Google said that the confidential information of no less than 500,000 users of its social network Google+ may have been revealed by a bug discovered last year – and corrected without problem – l & # 39; 39, last year. A developer API has been able to see information that it should not see, that is, fields that have not been marked as public.
What does that mean exactly?
According to Google, users could grant access to profile data and public profile information from their friends via the API. But the bug gave the API access to profile fields shared with the user, but not marked as public. This includes e-mail addresses, profession, gender, and age of friends, but not items such as Google+ posts, messages, Google account data, phone numbers, or phone numbers. G Suite content. So when users have access to the API, she also has access to her friends' information.
What did Google do?
Ironically, it's about the same time that Facebook was facing the Cambridge Analytica story. Google has fixed the bug without saying anything, noting that it would attract a lot of unwanted attention on the company. However, when the news broke out this week, she went into action and said that would prevent consumers from accessing Google+ and give users more detailed security controls.
Google+ still existed?
Yes. It could have been news for everyone else too. But it turns out that very few people used it for a while. According to Google, the engagement was very weak, so it was probably an easy decision to finally throw the sponge.
How does it affect me?
Only a little more than 430 developers have requested access to this particular API, which is not a huge amount of people, regardless of their appearance. But all it takes is a malicious intent, right? According to Google, however, there is no indication that private data has been accessed because of the bug. And there are questions about how much private data was actually on Google+ given the number of people who actually used it. But it's hard to say because Google only keeps logging data for this API for two weeks. Google was not looking for any problem, but it was impossible to suggest to any of the developers using the API to abuse the bug.
Should I do something?
If you have a Google+ account and want to know the data that is currently being kept, watch for them in the coming weeks. Google will tell people how they can extract their information from the social network to keep it.
it might also be worth doing a quick security check of your Google Accounts to see the information you share and consider implementing a two-factor authentication to secure your account. In case.
And after?
Well, you can wait to see if your account is among the 30 million people now affected by Facebook's "View As" data breach, announced a few weeks ago. The social network reported that almost half of these accounts had access to data including name and contact information, relationship status, religion, hometown, hometown, date of birth, activities their recent recordings, their education, their work or the pages followed, and the most recent 15 searches. The good news is that there are 50 million people who would have been affected initially.
Not if you are one of the accounts involved
No, probably not.
Source link
