Profile picture
Doug MacMillan @dmac1
, 6 tweets, 2 min read Read on Twitter
Google discovered a software bug that exposed private data on hundreds of thousands of users, and decided not to inform the public. Here’s our story:
on.wsj.com/2ON4dsq

Several questions are still unanswered...
How many people did this impact?

Google investigators ran tests over 2 weeks and found up to 496,951 users could be affected. However, that was just 2 weeks. The bug went unfixed for over 2 years. Over the full period, the actual number of affected users could be much higher.
Why won’t Google tell individuals if their personal data was at risk?

Because Google kept limited activity logs, it couldn’t determine which users may have actually had data taken. But it’s unclear why Google refuses to notify the 496,951 users they believe were at risk.
What caused the malfunction?

Google designed APIs to let outside developers collect Google+ profile data of you and your friends, but it wasn’t supposed to collect non-public friend data. Company says it's a “bug” but hasn't gone into specifics on how it went unnoticed so long
How thoroughly did Google investigate the possible misuse of data?

Google estimated 438 apps had access to user data. The company tested these apps but did not call or visit with any of the developers, sources say.
Did Google have any obligations to disclose this incident to the public?

Companies may be liable to notify users of a data breach if they know certain types of data was accessed. Because Google didn’t know what data was accessed, it’s unclear what laws may apply.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Doug MacMillan
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @dmac1 see all

Profile picture
We wrote about Yahoo scanning emails for ad targeting:
wsj.com/articles/yahoo…

Here’s how it works…
/1
Billions of messages arrive in Yahoo Mail and AOL Mail every day. Yahoo’s parent company Oath scans them all, ignoring personal messages and looking for commercial templates it recognizes

/2
Anyone who receives a receipt from Macys.com may get a cookie placed on their computer identifying them as a department store shopper. Anyone getting a trade confirmation from ETrade.com may get an “investor” cookie.

/3
Read 8 tweets
Profile picture
Google has been trying to make Gmail a platform for outside developers to build email apps and add-ons. In doing so, it’s given hundreds of companies the ability to read people’s email wsj.com/articles/techs…

/1
Email apps perform useful tasks, like Boomerang for scheduling emails and Streak for managing sales prospects. Earny scans your receipts looking for products you overpaid for /2
But many email apps are free, and, surprise surprise, you’re the product. Your inbox contains valuable data -- shopping, travel, finances, personal and professional networks -- that marketers are hungry to get /3
Read 10 tweets

Related threads

Profile picture
This is a big deal. Google's cover-up of its privacy breach is the company's latest attempt to evade scrutiny – both of its business practices and its treatment of user data.
I was frustrated that Google refused to send senior executives to testify before the Intel Committee last month, but to learn that the company was sitting on news of a potential breach affecting hundreds of thousands of users at the time is pretty outrageous.
Rather than keeping the public and Congress in the dark about issues like this, Google should work with Congress to develop some smart, reasonable guardrails that protect Americans and their data.
Read 5 tweets
Profile picture
1. #QAnon North Korea's Punggye-ri nuclear testing site, located inside a mountain near the border with China, has been the site of all 6 of the country's nuclear tests. The dismantling of the facility began in May, but till now observers have not been allowed in to verify. #Q
2. #QAnon's link:
#Q
3. #QAnon: All lovey-dovey says #TrollRex. Being with {Rosenstein] on the plane "will be very nice". Reporter, "Do you have any plans to fire [RR]"? "No, I don't." #Q
Read 45 tweets
Profile picture
I IMPLORE you all to Please for the LOVE of Privacy & Safety STOP USING #GOOGLE - view the article on many other great alternatives, We must all Protect ourselves & STOP letting the #Communist China Google continue to access our private data restoreprivacy.com/google-alterna… #FUGOOGLE
took me sometime but I deleted Google, working on removing Chrome and all google related aps from all my devices 👋
protonmail.com i just dumped 💩gmail 😀👍
Read 3 tweets
Profile picture
El 4 de septiembre #Google cumplió oficialmente 20 años. He creado este "pequeño" hilo con claves y anécdotas de los inicios de Google y cómo se convirtió en el buscador más importante del mundo.

Espero que sea de interés para SEOs y no SEOs -->
1996. Larry Page se está doctorando en Computer Science en Stanford y busca tema para su tesis mientras surfea por internet. La web es una masa de páginas enlazadas entre sí, pero sin ninguna jerarquía. Page idea un sistema para ponerlas en orden, similar a la citación académica.
El análisis de citaciones se usa en el sistema académico desde los años 60, para calcular la importancia de un ensayo científico. Cuanto más lo citan otros trabajos, más importante. Y en eso se basa el PageRank, el algoritmo original de Google para rankear documentos.
Read 44 tweets
Profile picture
💥 Revealed: 50 million Facebook profiles harvested for Cambridge Analytica in major data breach - Whistleblower describes how firm linked to former Trump adviser Steve Bannon compiled user data to target American voters - by @carolecadwalla @_EmmaGH theguardian.com/news/2018/mar/…
yesterday FB threatened to sue over the story
The app developed by Aleksandr Kogan's company Global Science Research (GSR) with Cambridge Analytica, collected data on hundreds of thousands of people - but then also collected data on millions of their friends, in ways not allowed by Facebook policy
theguardian.com/news/2018/mar/…
Read 29 tweets
Profile picture
The Dutch didn't just get the whole hack on video, they got personal information on 420,000+ Hansa users.

When I say you can track #cryptocurrency - you can *literally* search your evidence for the number string of a #bitcoin wallet.

You can *Google* it.
wired.com/story/hansa-du…
Even if you're more cautious now, it's easy to track past transactions.

But even local cops can search a computers files for numerical strings of interest.

Now ask yourself what the @FBI & @NSAGov can do.
wired.com/story/bitcoin-…
When @NeonaziWallets can run an automated feed showing the daily bitcoin activities of white supremacists, imagine what the Federal law enforcement & counterintelligence who have known about this for at least almost 6 months could do with their data.
Read 71 tweets

Trending hashtags

#LisaPage #iPhone #FARA #FinCEN #Respect #Democrat #Corruption #botnets #Soros #ReleaseTheMemo #POTUS #NutShellReport #FBI #CIA #MSM #FF #CardinalPell #PANICINDC #AdamSchiff #EnoughIsEnough #Footnote43 #PeterStrzok #QPosts #TickTock #Google

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!