As part of the development of NextGen Rock, including the v2 API, we've improved where each Entity Type inherits its security, and in some cases, we're shifting away from the global default of "Allow All Users" to more restrictive defaults. Check out this blog post for more details.
ℹ️ As part of that change, group-level attribute security is now more accurately enforced by the Lava Attribute filter. If you want a group attribute to be visible to all individuals, you’ll need to explicitly set its view permission accordingly.