Ron Amadeo writing via Ars Technica: Who remembers the sudden and dramatic death of Google+? Google’s Facebook competitor and “social backbone” was effectively dead inside the company around 2014, but Google let the failed service hang around for years in maintenance mode while the company spun off standalone products. In 2018, The Wall Street Journal reported that Google+ had exposed the private data of “hundreds of thousands of users” for years, that Google knew about the problem, and that the company opted not to disclose the data leak for fear of regulatory scrutiny. In the wake of the report, Google was forced to acknowledge the data leak, and the company admitted that the “private” data of 500,000 accounts actually wasn’t private. Since nobody worked on Google+ anymore, Google’s “fix” for the bug was to close Google+ entirely. Then the lawsuits started.
Today’s class-action lawsuit, Matt Matic and Zak Harris v. Google, was filed in October 2018 and blames Google’s “lax approach to data security” for the bugs. The complaint added, “Worse, after discovery of this vulnerability in the Google+ platform, Defendants kept silent for at least seven months, making a calculated decision not to inform users that their Personal Information was compromised, further compromising the privacy of consumers’ information and exposing them to risk of identity theft or worse.” The case website with full details is at googleplusdatalitigation.com. The case was settled in June 2020, with Google agreeing to pay out $7.5 million. After losing about half of that money to legal and administrative fees, and with 1,720,029 people filling out the right forms by the October 2020 deadline, the payout for each person is a whopping $2.15.