Twitter for Android Carried a Severe Privacy-Compromising Vulnerability
Last updated September 25, 2021
If you are a Twitter user on Android and have changed your settings anytime between November 3, 2014, to January 14, 2019, your tweets may have been exposed. The social media platform revealed details about a bug that caused the issue and has apologized for the same. The bug was responsible for overwriting the “Protect your Tweets” preferences when changing other settings on accounts. According to the micro-blogging platform, the bug was not taken advantage of by cybercriminals.
Twitter updated its Help Page regarding the incident stating "You may have been impacted by this issue if you had protected Tweets turned on in your settings, used Twitter for Android, and made certain changes to account settings such as changing the email address associated with your account between November 3, 2014, and January 14, 2019. We encourage you to review your privacy settings to ensure that your ‘Protect your Tweets' setting reflects your preferences.”
This is not the first time that a major security incident has happened on Twitter with the platform revealing in May 2018 that 336 million users were affected by a bug that removed any encryption on their passwords and stored the passwords in plain text format internally. Another bug was discovered last year that caused 3 million users’ direct messages to be visible to others. The bug was active from May 2017 and was patched in September 2018.
Even though the new data breach does not seem to have been exploited by hackers, all users have been requested to change their passwords to secure their accounts. The data leak occurred in the midst of ongoing investigations against the micro-blogging platform over its data collection practices.
What do you think about the bug affected Twitter users on Android? Let us know in the comments below. We’d also love to hear back from you so feel free to follow us on Facebook or Twitter.