VLP Partner Melissa Krasnow Quoted in Wall Street Journal Pro Cybersecurity Newsletter Article “Google Exposed User Data, Feared Repercussions of Disclosing to Public”
VLP Partner Melissa Krasnow was quoted in the article “Google Exposed User Data, Feared Repercussions of Disclosing to Public,” in The Wall Street Journal Pro Cybersecurity Newsletter.
The article reported that a software bug in the Google+ social media platform compromised data exposing personal information of as many as 500,000 users. The Wall Street Journal reported that top executives at the company decided not to disclose the incident, fearing that doing so would trigger regulatory inquiries. The company now plans to shut down Google+ for consumers.
“When you make a decision whether to disclose an incident or not, you have to be forward thinking. What if it comes out publicly, like it did here? You have to look at the road ahead and see how it will be viewed,” Ms. Krasnow told WSJ Pro Cybersecurity. “That’s what prompts a lot of companies to disclose — they want to avoid being accused of hiding it.”
There can be a simple, legitimate reason for deciding to keep quiet, Ms. Krasnow noted. Perhaps the incident was limited and wouldn’t likely result in harm, she said, adding that a single email might be misdirected to a trusted business partner, who notifies the sender, who then deletes it.
The article noted that, according to a post on the company’s website, Google couldn’t confirm which users were impacted by the bug and found no evidence that developers were aware of the issue or that any data was misused. According to The Wall Street Journal, these factors contributed to the decision by Google executives not to disclose the incident, which was discovered and fixed by internal investigators.Share