Statistically PII leaks are due to not secure business logic bugs. Not because of unsafe memory handling of a programming language.

Unauthorized API always leaks.