Overview

Google+ suffered two significant data breaches in 2018. The first, in October, affected 500,000 users, followed by a second in December, impacting 52.5 million users. These breaches exposed users’ names, email addresses, and birthdates to third-party apps.

Response

Google faced scrutiny over the delayed disclosure of the breaches, with fears of reputational damage. As a result, Google+ was eventually shut down.

Lessons Learned

This incident emphasized the need for stricter API access controls and timely breach disclosures.

Source: Dashlane