Washington – Sen. Richard Blumenthal on Wednesday asked the Federal Trade Commission to investigate Google over revelations that the company not only exposed private data of Google+ users to outside developers, but also failed to disclose the data leak for months.
Blumenthal criticized Google’s behavior, first reported by the Wall Street Journal, at a hearing about data breaches in the Senate Commerce Committee on Wednesday.
Later in the day, he wrote a letter to Joseph Simons, chairman of the Federal Trade Commission, that was also signed by two other Democratic senators asking for an investigation of Google.
The investigation would not be into the vulnerability of the system, which gave software developers access to private information on Google+. Instead, the senators asked for a probe of Google’s decision against disclosing the security flaw when they fixed the problem in March.
According to the Wall Street Journal, Google did not disclose the vulnerability because it did not want to invite regulatory scrutiny.
“This vulnerability could have potentially affected up to half a million Google users from 2015 and May 2018,” the senators wrote. “While security problems are not uncommon, Google’s concealment of this issue is troubling.”
Blumenthal and his fellow Democrats also took issue with Google’s claim that it found no evidence that any personal data was misused.
“These denials clash with the fact that Google has insufficient records to determine whether a breach occurred,” the senators wrote. “According to its statement, the company only kept logs for two weeks… As such, we may never know the full extent of the damage caused by the failure to provide adequate controls and protection to users.”