At one time Google put significant effort into pushing the adoption of Google+, including using its data to personalize search results based on what a user's connections have +1'd.
According to the Google+ Profile API documentation, profile fields can store a treasure trove of sensitive user details such as such as name, email address, occupation, gender, age, nickname, birthday, just to name a few.
Under the NBD any company who is subject to a data breach, is required to notify both users, and the OAIC of the breach, "where there is a likelihood of serious harm to any of the individuals whose personal information is involved in a data breach". The technology giant opted not to disclose the problem last spring, the Journal reported, in part because of fears of attracting regulatory scrutiny. It is a root-and-branch review of third-party developer access to Google accounts and Android device data and of our philosophy around apps' data access, he wrote. Ireland's data protection regulator told the press it was pushing for more information from Google regarding the breach. In July, the company was criticized after reports that employees for a third-party email app could read emails if those third-party apps had been integrated with email users' Gmail accounts.
However, Google only keeps the log data of the API in question for two weeks, due to privacy reasons, and therefore "cannot confirm which users were impacted by this bug", Smith added.
Google today revealed that it's shutting down the consumer version of Google+.
IPhone XS users can now charge their phones in peace
Apart from that, there are also fixes to subtitles not appearing in some video apps and Bluetooth unavailability issue. Thus, the update to iOS 12.0.1 should help some iPhone users experience faster Wi-Fi connectivity.
There's no evidence that any developer was aware of this bug or abusing the API. "That means we can not confirm which users were impacted by this bug". The bug is said to have affected as many as 500,000 accounts, though the company says it found "no evidence" that any data was actually misused.
The Wall Street Journal cited unidentified sources and an internal memo created by Google's legal and policy staff for upper executives.
"Our analysis showed that up to 438 applications may have used this API", Google said.
"Every year, we send millions of notifications to users about privacy and security bugs and issues".