Security Market Segment LS
Friday, 12 October 2018 05:53

US pollies want memo that warned against disclosing Google+ leak Featured

US pollies want memo that warned against disclosing Google+ leak Pixabay

Three Republican senators in the US have written to Google chief executive Sundar Pichai asking him to provide a copy of an internal memo that was claimed to have cited regulatory fears as a reason for the company withholding details about a major data leak in the Google+ social network.

The network was shut down after Google was forced to go public about the leak following an article in The Wall Street Journal. The letter was sent on Thursday, US time, and a reply has been sought by 30 October.

The three senators — John Thune, chairman of the Committee on Commerce, Science and Transportation; Roger Wicker, chairman of the subcommittee on Communications, Technology, Innovation and the Internet; and Jerry Moran, chairman of the subcommittee on Consumer Protection, Product Safety, Insurance and Data Security — also asked Pichai to provide details of how and when Google became aware of the vulnerability and what actions it took to remedy the flaw.

The WSJ report said Google kept quiet about the leak which occurred between 2015 and March 2018 when it was found and fixed. Google said the affected data was limited to static optional Google+ profile fields including names, email addresses, occupations, gender and age.

"We are especially disappointed given that Google's chief privacy officer testified before the Senate Commerce Committee on the issue of privacy on September 26, 2018 — just two weeks ago — and did not take the opportunity to provide information regarding this very relevant issue to the Committee," the three senators said.

Thune, Wicker and Moran also asked Pichai to commit to informing the committees they represented if Google found evidence of misuse of data that had leaked from Google+. On the day the leak was announced, the company claimed it had found no evidence of misuse of leaked data.

Pichai was also asked why Google had chosen to keep mum about the discovery of the flaw, whether it had disclosed the issue to any federal agencies before the public disclosure, whether there were similar incidents that had not been publicly disclosed, and whether he (Pichai) believed that users of free Google services should enjoy the same level of notification and mitigation in the event of data breaches as paid G Suite subscribers were afforded.

The internal memo was said to have warned that disclosure of the leak would lead to "immediate regulatory interest" and result in comparisons with Facebook's leak of user details to data analytics firm Cambridge Analytica which came to light in March, the same month that the Google+ leak was discovered.

Cambridge Analytica was forced to shut its doors in May.

Thanks to ZDNet for a link to the letter.


Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has high potential to be exposed to risk.

It only takes one awry email to expose an accounts payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 steps to improve your Business Cyber Security’ you will learn some simple steps you should be taking to prevent devastating malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you will learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments