Header Image

In an alert on Twitter, the social network is alerting users that for over a year, their direct messages and private tweets may have been sent to Twitter developers by mistake.

This popup is titled "A bug affecting one of our APIs" and states that from May 2017 to September 10th 2018, a a bug in their API may have caused your private direct messages or protected tweets to be sent to Twitter developers who were not authorized to view them.  They further state that when the bug was detected on September 10th, it was immediately fixed.

Twitter Bug Disclosure
Twitter Bug Disclosure

While Twitter states that they have no reason to believe the private information was misused, they are investigating the matter further. The full text of the bug is displayed below:

A bug affecting one of our APIs

On Monday, September 10, we identified a bug that may have sent one or more of your Direct Messages or protected Tweets (if your account was protected at the time) to Twitter developers who were not authorized to receive them. The issue has persisted since May 2017, but we resolved it immediately upon discovering it. Our investigation into this issue is ongoing, but presently we have no reason to believe that any data sent to unauthorized developers was misused. Learn more.

We regret the incident and sincerely apologize for the error. No action is required from you. However, if you have any questions or concerns regarding this incident, you can contact Twitter via the privacy policy inquiry page.

BleepingComputer has contacted Twitter for more information regarding this bug and how many users may have been affected, but had not heard back at the time of this publication.

Related Articles:

Google+ Shutting Down After Bug Leaks Info of 500k Accounts

Signal Desktop Leaves Message Decryption Key in Plain Sight

Missing Files, Bugs Reported After Windows 10 October 2018 Update

Google Bug Breaks Search Results with a Plus Sign On Mac Safari (Fixed)

Twitter Issues New Policies on Election Interference