Shocker! Twitter shared location of some iOS users
In another case of poor data security, Twitter has apologized for leaking the location data of iOS users by 'mistake'. The micro-blogging site collected the data and shared it with a so-called 'trusted' advertising partner. It said that the leak stemmed from a bug in the Twitter app for iOS and has now been fixed. Here are the details.
Data-sharing bug in Twitter for iOS
As there's no way to run two accounts on the Twitter app, people with multiple accounts log into one account at a time. However, due to a bug, this arrangement triggered a critical security issue for people using the iOS version of the service. If they kept 'precise location' sharing setting on for one account, the app shared location for the other account too.
Twitter collected location and shared with advertisers
Twitter didn't just collect location data but also shared it with a certain 'trusted' advertising partner. It said it tried preventing the sharing, but that didn't go as planned and they had to implement technical measures to fuzz out the data from the advertiser. Notably, the company also emphasized that their partner has confirmed that the data has been deleted.
Twitter says they can't see your location
"This location data could not be used to determine an address or to map your precise movements," the company said. "The partner did not receive data such as your Twitter handle or other unique account IDs that could have compromised your identity on Twitter."
Affected users being notified
Twitter didn't say how many users might have been impacted but noted the affected people are being notified about the issue. So, if your data was sent to a third-party without permission, Twitter will reach out to you, perhaps through an email or in-app message. "We're very sorry this happened," the company added, noting that the issue has been fixed and won't happen again.
This isn't the first bug-based leak from Twitter
While Twitter says it's working to prevent such leaks, mistakes keep happening all the time. Back in January, the company revealed it accidentally made protected tweets public for a period of five years. And a month before that, it had exposed country codes of phone numbers linked with certain accounts. Hopefully, it doesn't get worse from here!
