It was only a matter of time—the same day that Google announced it was shutting down Google+ in the wake of a data leak, two users filed a proposed class-action lawsuit in federal court in San Francisco, saying that their privacy had been violated.
The case, , alleges that the company’s “lax approach” to security resulted in API bugs that exposed the private details of almost 500,000 Google+ users.
“Worse, after discovery of this vulnerability in the Google+ platform, Defendants kept silent for at least seven months, making a calculated decision not to inform users that their Personal Information was compromised, further compromising the privacy of consumers‘ information and exposing them to risk of identity theft or worse,” Joshua Watson, the attorney for Matic and Harris wrote in the civil complaint filed on Monday.
The men allege violations of California’s Unfair Competition Law, negligence, and invasion of privacy, among other claims.
Google did not immediately respond to Ars’ request for comment.