Tech giant Google agreed to pay $350 million to settle a lawsuit by shareholders related to a security bug at its now-defunct Google+ social media website.

A preliminary settlement was filed late on Monday in San Francisco federal court after more than a year of mediation and requires approval by U.S. District Judge Trina Thompson.

Buy Me A Coffee

It resolves claims that Google learned by March 2018 about a three-year software glitch that exposed Google+ users’ personal data, yet concealed the problem for months while publicly stressing its commitment to data security.

Shareholders said Google feared disclosure would subject it to regulatory and public scrutiny similar to what Facebook received after London-based Cambridge Analytica harvested its users’ data for the 2016 U.S. elections.

According to the complaint, shares of Google’s parent Alphabet fell several times as news about the bug surfaced, wiping out tens of billions of dollars of market value.

Google Takes a Step Back: Third-Party Cookies Get a Reprieve in Chrome