Google has started sending out email to those who were affected by the latest Google+ API bug that was disclosed in December 2018. This notification provides details regarding what profile data was exposed and the apps that had access to it.
On December 10th, 2018, Google disclosed a Google+ API bug that allowed apps that were given permission to view a user’s profile data to also see private data that they were not supposed to have access to. According to the disclosure, this bug affected over 50 million users.
Starting last week, Google+ users who were affected by this bug have started receiving notifications from Google that state what fields were exposed and the apps that had access to them. The exposed fields and the associated apps are listed in an attached app_details.csv attachment.
Google had already decided to shut down their Google+ social service in August 2019 due to a general lack of adoption and a prior API bug that leaked the personal information of up to 500,000 Google+ accounts. We have already covered this one before.
After this bug will Google stop before the scheduled date? Let’s wait and see.