It said a bug in its software meant information that people believed was private had been accessible by third parties.
Speaking about the exposed data, Google said on Monday: "We found no evidence that any developer was aware of this bug, or abusing the API, and we found no evidence that any profile data was misused". Google CEO Sundar Pichai was briefed on the decision to not disclose the finding, after an internal committee had already decided the plan, the Journal said. That includes details like email addresses, gender, age, images, relationship statuses, places lived and occupations.
As many as 438 developers "may have used" the API in question, which could potentially impact up to 500,000 people, according to Google. Google says that "only apps directly enhancing email functionality-such as email clients, email backup services and productivity services", will be given authorization.
Google said it couldn't determine which users were impacted by this bug because the API was created to keep logs for only two weeks, and it didn't have access to historical data longer than that.
'This review crystallized what we've known for a while: that while our engineering teams have put a lot of effort and dedication into building Google+ over the years, it has not achieved broad consumer or developer adoption, and has seen limited user interaction with apps, ' Smith said. The first move? Shut down Google+ for consumers. "Given these challenges and the very low usage of the consumer version of Google+, we chose to sunset the consumer version of Google+". Now, only apps that fit a particular use case will be able to access these permissions. This should translate to only your default phone and texting apps having access to your call and SMS data.
"Our review showed that Google+ is better suited as an enterprise product where co-workers can engage in internal discussions on a secure corporate social network", Smith explains.
Now, users will be given greater control over what account data they choose to share with each app.
We made Google+ with privacy in mind and therefore keep this API's log data for only two weeks.
The announcement comes as public scrutiny has intensified around Silicon Valley tech giants' management of user data, among other issues.
In the blog post, Google said it did not immediately announce the problems with Google+ because it was not sure which users to inform, who they were and what affected users could do to protect themselves. Google+ will be gradually discontinued over the next ten months, with the service being scheduled to completely shut down in late August of 2019.