For six days in November, an update to the underlying code of Google+ meant that apps seeking to access users’ profile information — including their names, email addresses, occupations and ages — could view that data even if it were “set to not-public,” Google said in a blog post. Apps could have accessed some non-public profile data that had been shared with a user as well.

Source: Los Angeles Times December 10, 2018 22:54 UTC