Ireland's Data Protection Office today said it will seek answers from Google over the data leak from its failed social media platform Google+, which could have exposed the profile information of at least 500,000 users.
Google said last night it was shutting down Google+ for consumers, after it discovered and patched the bug back in March that revealed private data to third-party developers.
The tech giant said no data was misused while the breach was active. Google had also not seen fit to notify any users of the breach, as none of the thresholds requiring such an action were met in this instance.
“The Data Protection Commission was not aware of this issue and we now need to better understand the details of the breach, including the nature, impact and risk to individuals and we will be seeking information on these issues from Google,” the watchdog said.
It is not yet known whether the Information Commissioner's Office, its UK counterpart, will carry out a similar inquiry.
Google did not immediately respond to a request for comment.
This is the second enquiry carried out into a tech giant's data breach in recent weeks by the Irish regulator, after it announced a probe into Facebook's security leak in September which affected up to 90m users.
If found guilty of breaching General Data Protection Regulation (GDPR) legislation, Facebook could be fined up to four per cent of its global annual turnover, or $1.63bn (£1.25bn). It is unclear whether Google would face the same fate in this instance, as the breach occurred before the GDPR May deadline.
The news comes as Google is set to announce a slate of new products today as part of its Pixel event, including a new Home Hub smart speaker and two new smartphones.