On Monday, Google announced in a company blog post that it will permanently shut down Google+, the search engine’s social network service, after a Wall Street Journal report showed that a software glitch in one of Google+’s APIs had leaked the private information of over 500,000 users to third-party developers between 2015 and March 2018.
The compromised data included only static, optional profile information, such as name, email address, occupation, gender and age, Google said in the blog post. The incident didn’t affect a user’s messaging history, Google+ posts or other account activities.
According to an internal memo obtained by The Wall Street Journal, Google decided not to disclose the data breach to users over fear of regulatory repercussions, like those Facebook recently went through.
Specifically, the memo, prepared by Google’s legal and policy staff, warned the company’s senior executives that disclosing the incident would spark “immediate regulatory interest” and that it “almost guarantees [CEO] Sundar [Pichai] will testify before Congress.”
In response, Google argued that the reason for not disclosing the breach was that it found no evidence that any of the leaked data had been misused, because no outside developer was aware of the software bug in the first place.
Although Google claimed the data breach to be harmless, the incident was the final straw for the already struggling Google+.
“While our engineering teams have put a lot of effort and dedication into building Google+ over the years, it has not achieved broad consumer or developer adoption, and has seen limited user interaction with apps,” Google said in Monday’s blog post. “The consumer version of Google+ currently has low usage and engagement: 90 percent of Google+ user sessions are less than five seconds.”
Shares of Google’s parent company, Alphabet, dipped three percent on Monday following The Wall Street Journal revelation, but recovered slightly at Tuesday’s trade opening.