Twitter bug exposed private messages of Android users, company issues fix

Updated on 03-Jun-2020
HIGHLIGHTS

The bug disabled the “Protect your Tweets” setting for users who had made some changes, like changing the email address associated with the handle, between November 3, 2014 and January 14, 2019.

Highlights:

  • Twitter bug exposes protected tweets for some Android users.
  • The bug disabled the “Protect your Tweets” setting.
  • Those who access Twitter on iOS and web were not affected

 

Twitter has announced that it has fixed a bug on its Android app which made the protected tweets of users public if they made any changes to their accounts. The microblogging website said that if Android users made any changes, like changing the email associated with their accounts, between November 3, 2014 and January 14, 2019, the “Protect your Tweets” setting was disabled.

“You may have been impacted by this issue [with protected Tweets on Twitter for Android] if you had protected Tweets turned on in your settings, used Twitter for Android. iOS Users or those who use Twitter on web were not impacted. We fixed the issue on January 14, and we'll provide updates if other important information becomes available,” the company said in a blog, explaining the issue on its Help Centre page.

Twitter said that it will provide updates if other important information becomes available. As of now, it has informed the people it knows were affected by this issue and has enabled the “Protect your Tweets” setting back for them if it was disabled. Twitter also says that it cannot confirm every account that may have been impacted.

The microblogging platform has also advised every user who is using Twitter for Android to check the “Protect your Tweets” setting if they had enabled it earlier. “We recognise and appreciate the trust you place in us, and are committed to earning that trust every day. We’re very sorry this happened and we’re conducting a full review to help prevent this from happening again,” the company noted

Last year, a bug in company’s Account Activity API affected nearly one percent of all Twitter users, and it reportedly delivered users’ data to the wrong registered developer. In some cases, the bug was said to have delivered certain Direct Messages or protected Tweets (for example a Direct Message with an airline that had authorized an AAAPI developer.). Twitter had claimed that there was only one set of technical circumstances where this issue could have occurred.

Related Read:

Bug found, Twitter asks 336mn users to change password after internal security lapse

Digit NewsDesk

Digit News Desk writes news stories across a range of topics. Getting you news updates on the latest in the world of tech.

Connect On :