Yes, because the #1 thing on the mind of someone who gained unauthorized access (e.g. a remote execution vulnerability) to a system is to cover their tracks, which includes things like doctoring logs.
a vulnerability that allows some unauthorized access to user data via the API and a vulnerability that allows edting logs are very different types of vulnerabilities.
The logs live somewhere else. If you had some magic exploit that let you run code on Google systems AND delete logs, you could do much more damaging things than just reading G+ data.
Yes, because the #1 thing on the mind of someone who gained unauthorized access (e.g. a remote execution vulnerability) to a system is to cover their tracks, which includes things like doctoring logs.