Google’s Data Breach Causes Google+ Shutdown

Robert BuheckerData Breaches

Google Experiences Data Breach that Affects 500,000 Users

Repercussions and Regulations Scare Google from Announcing Data Breach

On October 8th, 2018 Google disclosed a data breach that affected 500,000 users. Apparently in March of 2018, Google discovered that a bug in their API for Google+ gave access to third-party developers to not only the users of the applications but also gave the information of the user’s friends. However, instead of announcing this bug and breach in March, when it occurred, Google decided to remain quiet. It was during this same time that Facebook was experiencing a global and public backlash regarding Cambridge Analytica. Google announced that the scope of the hack affected and exposed the information of up to 500,000 Google+ users. What information was leaked in the breach? It was announced that full names, email addresses, birth dates, gender, profile photos, places lived, occupation, and relationship status were the information contained in the breach.

Contact Us Now

How Does Google Plan to Solve The Data Breach Concerns?

What are the actions that Google is taking to rectify this situation? There are four actions Google is promising to take after the data breach, and they titled this initiative, Project Stobe. The first action they announced in their company blog post that they will be shutting down their Google+ social media network. However, it seemed that the shut down of the service was inevitable. In 2011, the service launched with much fanfare but quickly proved to be a failure for them. This hack and coverup is almost the final nail in the coffin to put the service out for good.

The second action they are implementing into their solution and plan of action is launching more granular Google Account permissions that show in individual dialog boxes. This will give users more control over what account data they choose to share with each app. With the extra steps, users will be more informed of the process and what they are choosing to share.

In the third action due to the data breach, Google is focusing their efforts on their email service. This action updates the Data Policy for the consumer Gmail API. It will limit the apps that may seek permission to access consumer Gmail Data.

Finally, for their fourth action, Google is limiting any apps’ ability to receive Call Log and SMS permissions on Android devices. They also announced they will not allow Android devices to make contact information available via the Android Contacts API.

Since the data breach happened in March 2018, Google will not face any penalties from the General Data Protection Regulation (GDPR), which is the EU’s privacy law. The GDRP went into effect in May 2018. However, if Google’s breach happened within the GDPR window, they would need to pay four percent of their annual global revenues of the previous year. That means Google would have had to pay around $4.43 billion.

Was your information used in a negative way?

Google announced that they found no evidence that any of the app developers related to the hack were aware of the bug. They also announced that after their investigation that they could not find if any of the profile data of the 500,000 affected users was misused.

However, there are always risks when you encounter a data breach of any nature and precautions that you should take to protect yourself as a user of a service.

Some of the best practices to follow are:

  • Change your password on your accounts, especially if you used the same password for the account involved in a breach.
  • Check for unusual activity on your other accounts, and make sure there is no fraudulent behavior.
  • Overlook and check your bank statements, credit cards, and any other financial account activity.
  • If you were hacked, or find your information was compromised, contacting a digital forensics firm like Secure Forensics can greatly assist your case to find out what was affected.

However, if you have been part of a data breach, or are victim to your information being used in an unlawful way to a breach and need assistance with building a case and securing the information, Secure Forensics can help. Our digital and computer forensic experts will be able to assist you along the way. For a free phone consultation, call us at 1-800-288-1407.