Google announced recently that a data breach has exposed the information of half a million Google accounts users. Shares of Alphabet Inc., the parent company of Google, saw its shares slip over 2% on the news.
Google said that there was a bug in its developer platform on its Google Plus social network that left information such as user’s name, email address, occupation, gender, and age, vulnerable to a breach.
Google did however say that it had found no evidence the data had been improperly accessed or misused.
The Wall Street Journal broke the news about the bug and reported that the company’s top executives covered up the security incident out of fear of government regulation.
Google defended itself against the report and told The Journal that it did not disclose the incident because it could not accurately identify the affected users, could not find evidence of misuse and could not identify actions to be taken by developers or users in response.
“Whenever user data may have been affected, we go beyond our legal requirements and apply several criteria focused on our users in determining whether to provide notice,” stated Ben Smith, Google’s vice president of engineering, in a blog post.
Smith also said, “Every year, we send millions of notifications to users about privacy and security bugs and issues. Whenever user data may have been affected, we go beyond our legal requirements and apply several criteria focused on our users in determining whether to provide notice.”
“Our Privacy & Data Protection Office reviewed this issue, looking at the type of data involved, whether we could accurately identify the users to inform, whether there was any evidence of misuse, and whether there were any actions a developer or user could take in response. None of these thresholds were met in this instance.”
His full blog post can be read here: https://www.blog.google/technology/safety-security/project-strobe/
Google said that it would be shutting down its Google Plus social service for consumers.