Twitter bug may have exposed some of your private conversations
A bug on Twitter's platform may have sent one or more of your DMs or protected tweets to unauthorized developers. It existed on the platform for more than a year and may have affected nearly 1% of its current user base - approximately 3 million people. Twitter says the issue has now been fixed, but is still not sure if the data was misused.
Affected users being contacted by Twitter
The bug was pointed out by a Mashable reporter, who was contacted by Twitter in the wake of this incident. The company apologized and stressed they haven't found a single instance of the exposure and there is "no reason to believe that any data was sent or misused". However, as they're not 100% sure, potentially affected users are being informed about the situation.
How a bug like that exposes DMs?
The issue, as Twitter explained, was present in the Account Activity API (AAAPI) that lets certain developers build tools to support interaction between customers and businesses. This means users who sent direct messages to business accounts, say an airline or delivery service (relying on developers using this API), chances are your conversations might have been sent to a different developer.
Second bug of the year
The API bug may have exposed private information of as many as 3 million Twitter users, but this isn't the first case of data-exposure. Back in May, another bug recorded many users' passwords in an internal log file used by Twitter employees.
If exposure is confirmed, Twitter will get the data dumped
Though the exposure has not been confirmed, Twitter is taking all necessary steps to ensure that developers, who may have received the data, are prevented from misusing it. For this, the 11-year-old service is working with developers, making sure they comply with data obligation and delete every piece of information they are not authorized to have. The investigation into the case is still on.
