You are aware that Google identified a vulnerability so awful that they hid it from the public so as not to draw government scrutiny, did not retain access logs, and ultimately shut down a major public application?
> The bigger problem for Google isn’t the crime, but the cover-up. The vulnerability was fixed in March, but Google didn’t come clean until seven months later when The Wall Street Journal got hold of some of the memos discussing the bug. The company seems to know it messed up — why else nuke an entire social network off the map? — but there’s real confusion about exactly what went wrong and when, a confusion that plays into deeper issues in how tech deals with this kind of privacy slip.
It wasn't authentication credentials, but still.