Twitter bug may have sent users’ DMs to unknown developers

The bug ran from May 2017 and within hours of discovering it on September 10, Twitter said it fixed the bug to prevent data from being unintentionally sent to the incorrect developer.

• By: IANS
• San Francisco | September 22, 2018 05:36 PM IST
2 min read

The bug ran from May 2017 and within hours of discovering it on September 10, Twitter said it fixed the bug to prevent data from being unintentionally sent to the incorrect developer. (Image: AP)

A bug in Twitter’s platform for third-party app developers exposed some Direct Messages (DMs) from nearly 3 million users to outsiders, the micro-blogging platform has admitted. The bug ran from May 2017 and within hours of discovering it on September 10, Twitter said it fixed the bug to prevent data from being unintentionally sent to the incorrect developer.

“The bug affected less than 1 per cent of people on Twitter. The bug may have caused some of these interactions to be unintentionally sent to another registered developer,” Twitter said in a blog post. “In some cases, this may have included certain DMs or protected tweets, for example a Direct Message with an airline that had authorised an Account Activity API (AAAPI) developer.”

You’ve Read Your Free Stories For Now

Sign up and keep reading more stories that matter to you.

Create Free Account

Already have an account? Sign In

This story requires a subscription

Select a plan and use IE10 code to get 10% extra off

POPULAR

EXPRESS EDGE

Daily ePaper access

Premium stories & archives

UPSC Section + UPSC Essentials Magazine

Starts at ₹117/month

Best for news lovers

UPSC PACK

Daily ePaper access

Premium stories & archives

UPSC Section + UPSC Essentials Magazine

Starts at ₹133/month

Best for UPSC aspirants

Already a subscriber? Sign in

This premium article is free for now.

Register to continue reading this story

Free Read

Already have an account? Sign In

This story requires a subscription

Please Select A Plan

POPULAR

EXPRESS EDGE

Daily ePaper access

Premium stories & archives

UPSC Section + UPSC Essentials Magazine

Starts at ₹117/month

Best for news lovers

UPSC PACK

Daily ePaper access

Premium stories & archives

UPSC Section + UPSC Essentials Magazine

Starts at ₹133/month

Best for UPSC aspirants

This content is exclusive for our subscribers.

Subscribe now to get unlimited access to The Indian Express exclusive and premium stories.

Continue

Already a subscriber? Sign In

The Account Activity API allows registered developers to build tools to better support businesses and their communications with customers on Twitter. Twitter currently has over 336 million users and one per cent means nearly 3 million of those were affected. If your business authorised a developer using the AAAPI to access your account, the bug may have impacted your activity data in error.

“We’re very sorry this happened. If your account was affected by this bug, we will contact you directly through an in-app notice and on twitter.com,” said the company.

In May, the micro-blogging platform asked its 336 million users to change their password across its services after it discovered a bug that stored passwords in plain text in an internal system. Twitter said it found no sign that hackers accessed the exposed data but advised users that they should enter a new password on all services where their current password has been used.

Curated For You

Bha Bha Ba Movie Review, Collection Live Updates: Dileep-Mohanlal film earns over Rs 4.5 crore despite mixed reviews

‘We should grab them and ask for clarity’: Dale Steyn, Robin Uthappa question match officials over 6 fog inspections in Lucknow T20I

‘Hema Malini totally left out by first family after Dharmendra’s death,’ says Shobhaa De: ‘She chose dignity over one-upmanship’