a guest Dec 11th, 2018 535 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
- Dear G Suite Administrator,
- We are writing to inform you of a technical issue caused by a software update which affected Google+ APIs between November 7th, 2018 PT and November 13th, 2018 PT. During this time period, third party applications may have had access to more Google+ data than the user intended. Our investigation is ongoing, but we have determined that the people.get API was impacted, resulting in two potential issues:
- Apps that requested permission to view profile information that a user had added to their Google+ profile, such as their name, email address, occupation, age (full list here), were granted permission to view profile information about that user, even when it was set to not-public.
- Apps with access to a user's G+ profile data also had access to profile data that had been shared with the app user by other G+ users, including data that was not shared publicly.
- In both cases, this data was limited to Google+ Profile fields. The bug did not give developers access to information such as financial data, national identification numbers, passwords, or similar data typically used for fraud or identity theft.
- The issue was detected by our automated testing and fixed on November 13th 2018 PT. We have no evidence that the developers who inadvertently had this access for six days misused it in any way.
- 1 of the users in your domain(s) experienced the issue. Please expect a follow up email shortly with the list of impacted user account names.
- For further information, please refer to the Google+ blog post dated December 10th, 2018.
- We appreciate your business and sincerely apologize for any inconvenience this may have caused. If you have any questions, please contact Google Support and reference issue number 120744624.
- The G Suite Team
RAW Paste Data