Instructor: Aleksi Aaltonen, Section 002

Data Breach

Google+ is Shutting Down After Data Breach

When people think of Google as a company, they don’t always think of their social network platform Google+. However, Google+ has recently brought itself into the headlines by compromising the personal data of over a half million users from 2015 till the present. Google first learned about the incident in March as part of an audit process called “Project Strobe.” During this process, Google took a closer look at the interfaces between 3rd party applications and Google+ and found that data marked private by the user could still be accessed by the software developer. The API bug was not disclosed to the public at the time it was discovered because Google did not want to introduce more regulatory demands onto the social media industry.

In our course, we study the integration of systems into a business and how they could either be a source of cash or a tax. In the case of Google, where IT is the business itself, the integrity and controls of their IT framework must be high priority and highly sound to continue to run their business efficiently. Though when Google allows their IT framework to compromise personal information to other untrusted companies, it becomes not only a source of capital but a source of ethical responsibility. Should Google have released the bug information as soon as it was discovered to increase user confidence? Probably, but they should also make the IT process of securing data more highly weighted in their organization if they continue to profit off user engagement. Google+ has been shut down permanently because of the problem, but this solution may be too late for those with their information given up.