Alphabet Inc.’s (GOOGL) subsidiary Google revealed that the personal data of around 500,000 Google + users might have been exposed due to a software bug, which gave outside developers potential access to private profile data, according to a report by the Wall Street Journal.
The incident took place between 2015 and March 2018 until internal investigators found the issue and fixed it. Google chose not to disclose the matter due to concerns over the regulatory action as well as damage to its reputation.
The exposed data comprised of general information including full names, email ids, birthdays and occupation. Google found no evidence of misuse of the data although the company is not completely sure.
Google’s parent Alphabet has decided to take action by rolling out new privacy measures which include closing down Google + for consumers. The legal department warned that disclosing the incident would invite the sort of regulatory scrutiny that Facebook (FB) had to face in the wake of the Cambridge Analytica scandal.
Google analyzed whether it could accurately identify the users to inform, whether there was evidence of misuse and whether responsive action could be taken, and chose to keep mum after it claimed none of these thresholds were met.
The report stated that a broad review of the company’s privacy practices showed that several of its major products needed tighter controls. Google reportedly has plans to restrict the access to user data for outside developers through APIs.
Google + was first unveiled in 2011 as a competitor to Facebook. However, it failed to attract users and ended up as a damp squib. This incident is likely to put Google in a sticky spot amid concerns among various groups over the control that large technology firms have on user data.