Google is shutting down its long-neglected Facebook competitor Google+ following the disclosure of a vulnerability that could have resulted in third-party developers accessing private data from around 500,000 users, the company announced on Monday.
In announcing the closure, Google acknowledged that Google+ failed to gain significant traction with consumers. “The consumer version of Google+ currently has low usage and engagement: 90 percent of Google+ user sessions are less than five seconds,” the company said in a statement.
Google said it discovered a bug in Google+ that allowed developers of “up to 438 applications” to access personal information from users who had opted to keep that information private.
Affected data included Google+ profile information like names, email addresses, occupations, and gender and age information, but no personal messages, according to the company, which added that it didn’t find any evidence that any developer actually exploited the bug to access any of this info.
Google launched Google+ in 2011 with an emphasis on privacy, and included fine-grained tools to let users decide what content to share with which of their contacts. The company initially closely connected Google+ with a number of other Google products, including YouTube, Hangouts, and even search.
However, Google+ failed to gain traction beyond a small fan base, despite multiple tweaks that shifted the focus on photo sharing, communities, and other high-engagement applications. In recent years, Google began to de-couple Google+ from its core services, and shifted its focus on standalone products like Google Photos.
Google said on Monday that it will phase out Google+ over the next 10 months. The company plans to keep Google+ up and running as an enterprise communications tool.
The Wall Street Journal was first to report about the Google+ data vulnerability on Monday, revealing that the company chose not to disclose its findings when it first discovered and patched the bug in March.
The company said in its blog post on Monday that it would strengthen Android app permission requirements to give users more fine-grained control over their mobile phone data, and that it would make it harder for apps to access sensitive information, like SMS messages and call records.