A vulnerability in the Google+ social network exposed the personal data of up to 500,000 people using the site between 2015 and March 2018, the search giant acknowledged Monday.
Google said it found no evidence of data misuse. Still, as part of the response to the incident, Google plans to shut down the social network permanently.
The company didn’t disclose the vulnerability when it fixed the problem in March because it didn’t want to invite regulatory scrutiny from lawmakers, according to a report Monday by The Wall Street Journal. Google CEO Sundar Pichai was briefed on the decision to not disclose the finding, after an internal committee had already decided the plan, the Journal said.