Twitter Inc (TWTR)

[DiscoverGold]

Twitter bug sent some DMs to developers for over a year
By: Engadget | September 21, 2018

The API problem could have affected millions of users.

A bug in one of Twitter's APIs may have caused unauthorized developers to receive some users' direct messages and protected tweets. Twitter says it hasn't yet discovered evidence that a developer actually received such data, nor does it believe that such information was misused, but can't say for sure that it didn't happen.


Twitter Support
?
@TwitterSupport
· 2h
Developers use our APIs to create tools, like customer service support, or apps to better understand public conversations. We found and fixed a bug that affected less than 1% of people on Twitter in an API that may have shared certain account interactions.


Twitter Support
?
@TwitterSupport
We haven’t found an instance where data was sent to the incorrect party. But we can’t conclusively confirm it didn’t happen, so we’re telling potentially impacted people about the bug. If you were potentially involved, we’ll contact you today. We’re sorry that this happened.

12:15 PM - Sep 21, 2018
93
53 people are talking about this
Twitter Ads info and privacy

Twitter Support
?
@TwitterSupport
Replying to @TwitterSupport
For those who received notifications today, this only involves potential interactions or Direct Messages you have have had with companies using Twitter for things like customer service. Your other DMs are not involved at all.

2:05 PM - Sep 21, 2018
97
85 people are talking about this
Twitter Ads info and privacy

Twitter says that less than one percent of users were affected, but given there are more than 335 million active users, that could still mean the bug hit more than 3 million people. The company is informing affected users via a notice on its app and website.

View image on Twitter
View image on Twitter

Karissa Bell
?
@karissabe
Sorry, what ?! My DMs may have been sent to developers for a more than a year??

1:26 PM - Sep 21, 2018
100
75 people are talking about this
Twitter Ads info and privacy

The company fixed the problem after discovering it September 10th, and it determined that the bug, which affected the Account Activity API, had been active since May 2017. That API lets developers create tools for businesses to communicate with customers, and the bug could have sent those interactions (which often contain sensitive customer information) to a different developer. "In some cases this may have included certain Direct Messages or protected Tweets, for example a Direct Message with an airline that had authorized an AAAPI developer," Twitter said.

https://www.engadget.com/2018/09/21/twitter-bug-leaked-dms-protected-tweets/

• DiscoverGold