It said a bug in its software meant information that people believed was private had been accessible by third parties.
Google said up to 500,000 users had been affected.
According to a report in the Wall Street Journal, the company knew about the issue in March but did not disclose it.
The WSJ quoted an internal Google memo that said doing so would draw "immediate regulatory interest".
In a statement, the firm said the issue was not serious enough to inform the public.
"Our Privacy and Data Protection Office reviewed this issue, looking at the type of data involved, whether we could accurately identify the users to inform, whether there was any evidence of misuse, and whether there were any actions a developer or user could take in response.
"None of these thresholds were met here."
Google+ was launched in 2011, quickly becoming known as a failed attempt to compete with Facebook.
Now, after several years of speculation that it was going to be shut down, Google is bringing Google+ for consumers to an end.
Google said it would continue to offer private Google+ powered networks for businesses currently using the software.
"It has not achieved broad consumer or developer adoption, and has seen limited user interaction with apps," wrote Ben Smith, Google's vice president of engineering, in a blog post on Monday.
In the past, the company had been reluctant to share data on how often Google+ was used, but now, facing the fall out of exposed data, the firm appears keen to play down its importance.
"The consumer version of Google+ currently has low usage and engagement: 90% of Google+ user sessions are less than five seconds."
Shares in Google's parent company Alphabet fell by 1.23%.