Google is speeding up its plans to shut down the consumer version of Google+ following the discovery of a second user data leak.
On Monday, the Web giant revealed it recently discovered a new bug, which may have exposed the personal information of 52.5 million Google+ users. Affecting a Google+ API, that flaw was introduced as part of a November software update. It may have allowed app developers to access certain "not-public" information on users' profiles—including names, email addresses, occupations, ages, and more—over a six-day period, G Suite VP of Product Management David Thacker wrote in a blog post.
In addition, "apps with access to a user's Google+ profile data also had access to the profile data that had been shared with the consenting user by another Google+ user but that was not shared publicly," Thacker wrote.
In light of this second epic fail, Google is now scrambling to sunset the unpopular social network and all Google+ APIs. The company now says it will shut down the consumer version of Google+ in April 2019, four months earlier than originally planned, and get rid of all Google+ APIs within the next 90 days.
Google discovered this new bug during regular testing and fixed it within a week of its introduction.
"No third party compromised our systems, and we have no evidence that the app developers that inadvertently had this access for six days were aware of it or misused it in any way," Thacker wrote. "The bug did not give developers access to information such as financial data, national identification numbers, passwords, or similar data typically used for fraud or identity theft."
Google is now working to notify consumer and enterprise users impacted by the flaw. The company also promised to share more information with developers "in the coming days." Google is also currently investigating whether this problem impacts any other Google+ APIs.