Google Firebase misconfiguration exposes data of 20k+ Android users