Google announced on Monday, December 10, that it uncovered a security bug within a Google+ API that impacted approximately 53 million users. Only a few months ago in October, Google also suffered from a data breach caused by a security bug within a Google+ API that affected nearly 500,000 users. The most recent bug was introduced in November, following an update to the Google+ platform, which has since been patched, that allowed third-party developers to access the personal data of users, even if they had their personal profile information set to private, as well as the personal data of those they are friends with on Google+.
Any apps that requested permission to view profile information where given access to names, email addresses, occupations, gender, and age. Third-party developers were able to view only this type of information, as Google stated there was no access to financial data, national identification numbers, passwords, or any other information used for identity theft. Google also stated that none of the developers who could have had access to this information were aware of this bug, and therefore did not use misuse the information in any way. Google will be shutting down all Google+ API’s by early 2019.
Please be wary of any phishing scams that may include personal information similar to those listed above. The information is used to trick victims into believing the message is from a trusted source, but in reality, forwards the user to click on links that may ask for login credentials or even install malware on their machines if pressed. If Google does send an email about this breach, they will not ask you to click any links, open any attachments, or ask for your personal information. If you cannot validate a message’s authenticity, forward the email to Fordham IT Customer Care at HelpIT@fordham.edu.
The blog post from Google that explains this breach can be found at: https://www.blog.google/technology/safety-security/expediting-changes-google-plus/
For any questions regarding this breach, please feel free to contact IT Customer Care at (718) 817-3999 or HelpIT@fordham.edu.
