Despite the size of the security flaw, Google executives opted not to disclose the problem at the time because they feared trouble from regulators after the intense criticism encountered by Facebook over its privacy woes, according to the Wall Street Journal. The bug is said to have affected as many as 500,000 accounts, though the company says it found "no evidence" that any data was actually misused. From 2015 to March 2018, the APIs made it possible for developers to view profile information not marked as public, including full names, email addresses, birth dates, gender, profile photos, places lived, occupation, and relationship status. (There are some exceptions-e.g., voicemail and backup apps.) Developers can find more details in the Google Play Developer Policy Center and in the Help Center. Facebook brought the issue to the forefront in March after its Cambridge Analytica scandal, in which a UK-based digital consultancy harvested data on 87 million Facebook users without their permission. The lawsuit was blocked in the High Court on Monday.
Google put the "final nail in the coffin" of the Google+ product by shutting down "all consumer functionality", the Wall Street Journal reported citing an internal memo.
Because of all of this, Google announced that it would be shutting down Google+ for consumers.
Allegations of the improper use of data for 87 million Facebook users by Cambridge Analytica, which was hired by President Trump's 2016 USA election campaign, has hurt the shares of the world's biggest social network and prompted multiple investigations in the United States and Europe. In a blog post by the company highlighting its findings, it's stated that 90 percent of all Google+ visits last fewer than five seconds.
As many as 438 developers "may have used" the API in question, which could potentially impact up to 500,000 people, according to Google.
It plans to shutdown Google+ for consumers over the course of the next 10 months, with the platform officially retiring in August 2019.
So, for example, if you're using your Google account to sing into a new service and it requests access to your Calendar and Drive, you'll be able to grant or deny that permission on a per-service basis. The decision stems from Project Strobe, an internal effort started earlier this year with the goal of reviewing third-party developer access to Android and Google Account data. It said it had no evidence that the data was misused or that any developer was aware of it or had exploited the leak. "Over the coming months, we will provide consumers with additional information, including ways they can download and migrate their data".