This Time Its The Google+ Data Breach

2 years ago

Data breaches are becoming more prevalent. Last week, the Wall Street Journal revealed internal memos about a security vulnerability in which third-party developers could access data from over 500,000 Google+ accounts. This data included usernames, occupation, date of birth, gender and more. Google upholds that no actual information was scraped and that it was only a potential data breach.

So if there was no breach then why is everyone so worked up? Well, according to the memos the bug was detected and fixed in March 2018. This means that Google was aware of the potential breach for 7 months before being exposed and by the looks of it, Google had no intention of disclosing this at all. The internal memo stated that disclosing the incident could trigger โ€œimmediate regulatory interestโ€ and invite comparisons to Facebookโ€™s Cambridge Analytica data breach which had occurred that same month.

Why Does This Matter?

Some people found the breach funny or irrelevant, mainly because Google+ was never as popular as it was supposed to be to begin with and it didnโ€™t have a huge user base (compared to Facebook which Google+ was supposed to rival). What is worrying is that, at one time, millions of people made Google+ accounts that still exist years after Google+ stopped being a meaningful social media platform.

This is a story about how our digital footprint we create and subsequently forget about can easily come back to haunt us. It would be like when the world eventually stops using Facebook or Twitter and then years later your dormant account and millions of others are hacked and information is leaked. Is it a laughing matter since everyone else has moved on to a new social platform?

What Now?

Google wasnโ€™t legally required to disclose the incident to the public as no legitimate breach occurred. However, Google could potentially face class-action lawsuits over its decision to not disclose the incident. Whilst laws such as the GDPR and the Notifiable Data Breach Scheme are in place, are they enough? Should big companies also face fines for not disclosing whether a potential breach could have taken place?

Too Little, Too Late?

Google claim they are planning on taking measures to clamp down on security. One of these measures is to shut down Google+ all together. The company will also limit the amount of access third party developers have with other Google applications.

This is Googleโ€™s second big data scandal this year, The Associated Press found that Google collected the location data of Android users even if their location history setting was turned off.

Letโ€™s get started

Get in touch today and speak with one of our friendly staff. We will take the time to assess your business requirements and provide an obligation-free quote.ย 

Facebook
Twitter
LinkedIn

CORE

All the essentials
$ 75 Monthly
  • 3 Hours Remote Support
  • Support Hours 8am - 5.30pm M-F
  • Best Effort Response Times
  • Staff Onboarding + Offboarding
  • Microsoft 365 Administration
  • Cyber Security Awareness Training
  • EDR/Antivirus - Endpoint Protection
  • Cloud Hosted Email Security
  • Critical Software + Security Updates
  • Server Performance Monitoring
  • 24 x 7 System Monitoring + Alerts
  • Daily Backup Monitoring
  • Monthly Executive Reports
  • Standard Operating Environment

Growth

Unlimited Support + Security
$ 95 Monthly
  • Unlimited Remote + Onsite Support
  • Support Hours 8am - 5.30pm M-F
  • Guaranteed Response Times
  • Staff Onboarding + Offboarding
  • Microsoft 365 Administration
  • Cyber Security Awareness Training
  • EDR/Antivirus - Endpoint Protection
  • Cloud Hosted Email Security
  • Critical Software + Security Updates
  • Server Performance Monitoring
  • 24 x 7 System Monitoring + Alerts
  • Daily Backup Monitoring
  • Monthly Executive Reports
  • Standard Operating Environment
  • Keeper Password Manager
  • Duo Multi Factor Authentication
  • DNS Filter Internet Protection
Popular

Enhanced

Unlimited Support 24x7 + Security
$ 165 Monthly
  • Unlimited Remote + Onsite Support
  • 24 Hours Support - 7 Days a Week
  • Priority Response Times
  • Staff Onboarding + Offboarding
  • Microsoft 365 Administration
  • Cyber Security Awareness Training
  • EDR/Antivirus - Endpoint Protection
  • Cloud Hosted Email Security
  • Critical Software + Security Updates
  • Server Performance Monitoring
  • 24 x 7 System Monitoring + Alerts
  • Daily Backup Monitoring
  • Monthly Executive Reports
  • Standard Operating Environment
  • Essential 8 Assess & Report
  • Monthly Vulnerability Scanning
  • Threatlocker Application Control
  • Keeper Password Manager
  • Duo Multi Factor Authentication
  • DNS Filter Internet Protection