Weinberg explains what happened:
“Google Presentations has a chat feature, based on Google Talk technology, that lets people chat while viewing a presentation. I embedded a presentation here, as did Matt Cutts on his blog, and a number of people linked to it. Everyone who went to that Presentation and logged into their Google Account to chat gave their e-mail address to me and to every other visitor to the chat, without even knowing it. The reason is that Presentations logs your chats, just like Google Talk does, and those logs appear in your Gmail Chat folder. While the chat window in the presentation doesn’t list e-mail addresses, the logs do, and almost everyone gets them automatically.”
Apparently, the breach was live for about 15 hours before it was closed, he says.