MANILA, Philippines - Twitter in a blog post disclosed it has discovered a bug in their Account Activity Application Program Interface (API) that may have exposed some users’ direct messages and protected tweets to third party developers.
The API allows registered developers to build tools that would help their business and communication with customers on Twitter.
Twitter said that the bug had been active since May last year. It, however, only affected less than 1% of the platform’s users.
The exposed messages were reportedly customer service interactions between users and businesses.
“It is important to note that based on our initial analysis, a complex series of technical circumstances had to occur at the same time for this bug to have resulted in account information definitively being shared with the wrong source,” the post read.
Twitter said that the bug was resolved hours after its discovery last September 10.
While Twitter claims that they have no evidence that information was sent to the wrong party, they say they cannot rule out the possibility. Because of this, they have reached out to the users affected and contacted third party developer partners to ensure that whatever data they may have obtained is deleted. – Rappler.com