Vulnerability in the API API reveals 52.5 million private data.
In October, on the Information Leaks channel , I wrote about the fact that Google discovered a potential data leak of 500 thousand users on its social network Google+.
And today, Google said they discovered another vulnerability in the Google+ API API, which could lead to data leakage of 52.5 million users.
The vulnerability existed for 6 days in November 2018 and allowed applications to retrieve information from user profiles (name, email address, gender, date of birth, age, etc.), even if this data was private. In addition, through the profile of one user it was possible to receive data from other users.
After this incident, Google decided to speed up the process of closing its social network - instead of August 2019, Google+ will close in April 2019.