The New York Times is reporting that Google will shut down its ill-fated Google Plus social network over a security flaw that exposed the private data of up to 500,000 users. The vulnerability revealed the email address, occupation, gender and age of the users to 438 third-party applications via online programming interfaces.
Google discovered the flaw in March but chose not to disclose details because, the company says, it did not appear anyone had gained access to the data, and its privacy team decided it was not legally necessary.
The company made the call amid Facebook’s Cambridge Analytica scandal, when it saw how bad public blowback over data security could be. (An internal memo seen by the WSJ warned of “immediate regulatory interest” if the company went public.) Sharon Ovide of Bloomberg Opinion argues that the decision was unwise:
If the company had disclosed the Google Plus problem in March, it would have been a big deal but not a crisis. This cover-up, however, makes the Google Plus digital-security problem so much worse.