Google’s answer to facebook and other social media networks is Google Plus also known as Google+. Although the use of Google+ is not nearly as ubiquitous as facebook or Instagram, Google+ does have a significant number of users. Today, there are many reports of a massive data flaw that exposed the private data of Google+ users. You’ll be seeing a lot of articles on this all over the news. We will try to break down all the information for you and help explain how it can impact you if you have a Google+ account.
What Was the Problem?
It looks as thought the flaw in the Google+ system that allowed private data to be exposed came from an API that was accessed by hundreds of developers. API stands for Application Programming Interface which is essentially an interface that Google designed to allow other outside developers to use to communicate with Google’s systems. The reason Google would build an API to allow developers to use is so that outside developers can code around the API to build different applications and be able to use some information coming from Google’s systems without Google having to allow complete visibility into their systems. So, it’s kind of like a portal that Google allows outside developers to use to communicate with Google.
The problem with this particular API was that it had a bug which allowed access to profile information such as names, email addresses, occupations, gender, and age even if the profile was not set to share the information publicly.
What Can Happen?
Google+ likely has several different types of APIs out there for developers to work with. This is one API that was identified that could allow a developer to access a profile’s personal information even if intended to be kept private. Sources say the flaw existed from 2015 up to this year, 2018. So, it is possible that someone who was aware of the flaw could have downloaded tons of information of people’s profiles, but what could they possibly do with the information? Identity theft is a possibility if they were to attempt to create fake profiles of people and scam money out of contacts.
What Is The Likelyhood That Someone Maliciously Used The Data?
Although this gaping security flaw was available to developers to obtain information that people did not want to publicly display, it is not likely that there is a massive threat being put together with the data that could jeopardize all the exposed users. In other words, we don’t think you have much to worry about here that is new to what you should already be looking out for. When any of your friends, family or contacts ask you for very personal information, it is normal to ask what they need the information for. Have them call you on the phone to verify the authenticity of their request. Make personal contact in order to send highly sensitive information. The data that can be breached from this particular Google+ flaw may not be dangerous on its own, but it could be used maliciously if combined with other sensitive information of yours like financial information and access to your accounts.
Please share any experiences in our comments if you have had anyone attempt to abuse your information from Google+.