Overclock.net - An Overclocking Community - View Single Post - [Ars] [Updated] Google+ shutting down after data leak affecting 500,000 users

View Single Post
post #13 of (permalink) Old 10-12-2018, 06:52 AM - Thread Starter
Waiting for 7nm EUV
tpi2007's Avatar
Join Date: Nov 2010
Posts: 11,469
Rep: 898 (Unique: 504)
Update (added to the OP):

[Ars] Senators to Google: Why didn’t you disclose Google+ vulnerability sooner?

Three United States senators have demanded that Google provide answers about its recent disclosure of a security breach in its Google+ social network that led to its closure. Google only came forward after the Wall Street Journal broke the story on October 8.

So far, one federal proposed class-action lawsuit has been filed in the wake of the episode.


Please describe in detail when and how Google became aware of this vulnerability and what actions Google took to remedy it.

Why did Google choose not to disclose the vulnerability, including to the Committee or to the public, until many months after it was discovered?

Are there similar incidents which have not been publicly disclosed?

Please provide a copy of Google's internal memo cited in the WSJ article.
Given their active stance on Project Zero, exposing other companies' bugs, it will be interesting to see how Google responds (they have until Oct 30).

tpi2007 is offline