Pokemon GO fever is sweeping the country and right on schedule, a new scare over (what else) but privacy concerns is throwing a wet blanket over some of that hype. The issue? iOS users who signed in with their Google accounts found the app gaining full access to their Google account which included everything from Gmail to Google Drive.
Not such a big deal if the developer — the Google-owned Niantic Labs — was upfront with it, but the fact that this information was hidden inside a Google help page made it seem like the developer was attempting something sneaky. Even if the idea of Niantic siphoning some of this Google data for their own purposes sounded far fetched, the chances of someone coming in and hacking their servers still remained a very real possibility in this day and age.
Chiming is Niantic Labs and The Pokemon Company saying in a statement:
We recently discovered that the Pokémon Go account creation process on iOS erroneously requests full access permission for the user’s Google account. However, Pokémon Go only accesses basic Google profile information (specifically, your User ID and email address) and no other Google account information is or has been accessed or collected.
Once we became aware of this error, we began working on a client-side fix to request permission for only basic Google profile information, in line with the data that we actually access. Google has verified that no other information has been received or accessed by Pokémon Go or Niantic. Google will soon reduce Pokémon Go’s permission to only the basic profile data that Pokémon Go needs, and users do not need to take any actions themselves.
So there you have it. As some might of guessed, this was more of a bug than anything and it looks like it will be fixed soon. If you’re still paranoid, you could sign in with a Pokemon Trainer account to avoid using your Google sign-in altogether. Well, whenever those come online (like most things Pokemon GO, the servers are experiencing issues).