According to The Journal, Google discovered the data breach in March this year and, although the bug has since been patched, the company decided not to disclose the news for fear of "immediate regulatory interest" and potential reputational damage.
According to Google, data that may have potentially been disclosed only includes "static, optional Google+ Profile fields including name, email address, occupation, gender and age".
Google, for its part, said in a report that they have found no evidence that "the data had been improperly accessed or misused".
While Google has faced scrutiny in recent months for allowing third-party apps to access and share data from Gmail accounts, much of the privacy uproar hitting the tech industry has focused on Facebook. It's also limiting said apps' ability to access private data outside of specific use cases.
Google did not immediately respond to a request for comment on the report.
"Our review showed that our Google+ APIs, and the associated controls for consumers, are challenging to develop and maintain". Also the software giant also mentioned that they are no proof whether this bug in the Google+ software was known by any outside developer. "When an app prompts you for access to your Google account data, we always require that you see what data it has asked for, and you must grant it explicit permission", he said. Google confirmed that it had discovered the bug in March, but would not say when it became active.
In response to the breach, Google is shutting down all consumer functionality of Google+. However, it's possible that data were abused and Google just doesn't know about it yet.
On Android, Google will limit apps ability to receive users call logs and short messaging service (SMS) data. Today, after over 7 years of existence, Google is shutting down Google+ for good-although its low user base surprisingly wasn't the main factor behind this decision. It said 90 percent of Google+ user sessions last less than five seconds.
After the security breach in one of the Google+ APIs, Google has not only chose to shut down Google+'s consumer version but they are also looking to make major changes in its developer tools to tighten the security.