You don’t hear Google Plus (Google+) in the news often and soon, you probably won’t hear it at all. That’s because it’s shutting down. Google announced in October that it was going to do this because of a bug in one of its developer tools. It has since found another one during routing testing. This one affects roughly 52.5 million Google+ users, both consumer and enterprise customers. So, sometime around April of 2019, as opposed to in August when it was previously scheduled, we can all say farewell to this particular social media platform.
This bug didn’t expose passwords or financial information, but it did show the developers that use the API in question the full names, email addresses, ages, occupations, skills, birth dates, genders, photos, and other information that was entered into Google+.
If you have a Google+ profile, it’s recommended you delete it completely. You can do this by going into your account and under “settings,” you can click to delete it under “Account.” Read all the fine print and terms though. Some of your Google Account details will be affected, but others won’t. For example, your photos are archived, unless you posted a photo in a comment. Those are deleted. Your comments are deleted, but your contacts are not.
As with any account online that you’re not using, delete it whenever possible. In this case, you won’t have the option to use it once Google puts the kibosh on it. So, just delete it now and get rid of what information you can so it’s not out there lingering. This may not really matter in the end, but it’s better to be safe than sorry.
Also, any account that you have online has some amount of information on you that will never go away. You lose control over your posts, photos, links, etc. when they are shared. Always keep that in mind when putting anything on the Internet, in social media, or even when filling in forms online.
In this case, Google does not believe that the developers that had access to the information exposed in this API even knew they had that access or that it was misused in any way. The developers that used that API also only had access for six days before the bug was discovered.
Stickley on Security
January 9, 2019