Google is shutting down its long-neglected Facebook competitor Google+ following the disclosure of a vulnerability that could have resulted in third-party developers accessing private data from around 500,000 users, the company announced Monday.
In announcing the closure, Google acknowledged that Google+ failed to gain significant traction with consumers. “The consumer version of Google+ currently has low usage and engagement: 90 percent of Google+ user sessions are less than five seconds,” the company said in a statement.
Google said it discovered a bug in Google+ that allowed developers of “up to 438 applications” to access personal information from users who had opted to keep that information private.
Affected data included Google+ profile information like names, email addresses, occupations, gender and age information, but no personal messages, according to the company, which added that it didn’t find any evidence that any developer actually exploited the bug to access any of this information.
Google launched Google+ in 2011 with an emphasis on privacy, and included fine-grained tools to let users decide what content to share with which of their contacts. The company initially closely connected Google+ with a number of other Google products, including YouTube, Hangouts and even search.
Related
However, Google+ failed to gain traction beyond a small fan base, despite multiple tweaks that shifted the focus on photo sharing, communities and other high-engagement applications. In recent years, Google began to de-couple Google+ from its core services, and shifted its focus on standalone products like Google Photos.
Google said Monday that it will phase out Google+ over the next ten months. The company plans to keep Google+ up and running as an enterprise communications tool.
The Wall Street Journal was first to report about the Google+ data vulnerability Monday, pointing out in its report that the company chose not to disclose its findings when it first discovered and patched the bug in March.
The company responded in its blog post Monday by arguing that it had no evidence that anyone actually exploited the bug. It also said that it would strengthen Android app permission requirements to give users more fine-grained control over their mobile phone data, and that it would make it harder for apps to access sensitive information, like SMS messages and call records.