LASER_oneXM

Level 33
Verified
Google has started sending out notifications to those who were affected by their Google+ API bug that was disclosed in December 2018. This notification provides details regarding what profile data was exposed and the apps that had access to it.

On December 10th, 2018, Google disclosed a Google+ API bug that allowed apps that were given permission to view a user's profile data to also see private data that they were not supposed to have access to. According to the disclosure, this bug affected over 50 million users.

Starting last week, Google+ users who were affected by this bug have started receiving notifications from Google that state what fields were exposed and the apps that had access to them. The exposed fields and the associated apps are listed in an attached app_details.csv attachment.