Senators to Google: Why didn’t you disclose Google+ vulnerability sooner?

Three United States senators have demanded that Google provide answers about its recent disclosure of a security vulnerability in its Google+ social network that led to its closure. Google only came forward after the Wall Street Journal broke the story on October 8.

So far, one federal proposed class-action lawsuit has been filed in the wake of the episode.

In a Thursday letter sent to Google CEO Sundar Pichai, Sen. John Thune (R-S.D.), Sen. Roger Wicker (R-Miss.), and Sen. Jerry Moran (R-Kan.) have asked a number of pointed questions of the tech giant.

Among others, the lawmakers seek answers to some basic questions that for now the company has been unwilling to answer publicly.

As they wrote:

Please describe in detail when and how Google became aware of this vulnerability and what actions Google took to remedy it.

Why did Google choose not to disclose the vulnerability, including to the Committee or to the public, until many months after it was discovered?

Are there similar incidents which have not been publicly disclosed?

…

Please provide a copy of Google's internal memo cited in the WSJ article.

The senators asked Google to respond by 5pm ET on October 30.

Google did not immediately respond to Ars’ request for comment.