Android apps exposed data of millions of users through cloud authentication failures