Google has settled a class-action lawsuit over the leaking of Google+ user data. The search giant has agreed to pay $7.5 million to resolve the dispute. Claimants are entitled to $12 from the settlement pool, although it could be less depending on the number of claims made.
The leak was caused by what Google called a “flaw” in its “People APIs.” The company found and fixed the bug in October 2018, but it had potentially been leaking data since 2015. Google claimed at the time that it did not believe that any developers were aware of the flaw and doubted that any data had been compromised. The incident prompted the company to initiate plans to shut down the service. It stated that its user base was dwindling, and it was time to wind it down.
Two months later, another leak was discovered that had exposed user names, email addresses, occupations, and ages, regardless of the users’ privacy settings. This time it was estimated that a total of 52.5 million users were potentially affected. Although the exposed information was not vitally damaging, Google decided to step up its shutdown schedule by four months. The search titan finally shuttered Google+ on April 2, 2019.
Despite having settled, Google denies any wrongdoing and does not believe any members of the class nor the named plaintiffs suffered any harm or damages from the security lapse.
Those who held a Google+ profile between January 1, 2015, and April 2, 2019, and had their data exposed are eligible to file a compensation claim. Requests must be submitted by October 8, 2020. After a November 19 fairness hearing, the settlement will be distributed through PayPal or Digital Check. Other claimant options are listed on the settlement website.