Ars Technica:

Two months after disclosing an error that exposed the private profile data of almost 500,000 Google+ users, Google on Monday revealed a new leak that affects more than 52 million people. The programming interface bug allowed developers to access names, ages, email addresses, occupations, and a wealth of other personal details even when they were set to be nonpublic.

On Monday, Google said it planned to expedite the closure from August 2019 to April. Google said it still planned to give users the opportunity to transition off of consumer Google+ and would provide them with information on ways to safely and securely download their data and move it to other services, if wanted.

While Google said it had no evidence either data leak was actively exploited, it has no way of assuring users that developers haven’t accessed the profile data that was supposed to be non-public. That means users should assume all profile data of this type is now in the public domain, regardless of how they had set up their permissions.

On the Google blog announcement of this, Google said in the second paragraph, “…We’ve recently determined that some users were impacted by a software update…”

“Some users” is defined by Google as “…approximately 52.5 million…”