Thewame – It's Africa and the World
Science & Tech

Twitter bug that made your private tweets public went unnoticed for over 4 years

Twitter users with an Android device should double- check their accounts, especially if they sent a tweet sometime between 2014 and 2019.

In a statement posted on the Twitter help forum on Thursday, the social network disclosed details surrounding a privacy bug that affected Twitter for Android users with protected tweets.

According to Twitter, if a user enabled “Protect your Tweets” in their settings, used the Twitter for Android app, and made other updates to their account settings, it’s possible that the protected tweets setting was disabled without users' knowledge. One example provided by Twitter of an account settings change that could have triggered the bug is a change to an account’s email address.

Twitter says the security flaw affected Android for Twitter users between Nov. 3, 2014 and Jan. 14, 2019. Twitter for iOS and web users were not impacted by the issue.

SEE ALSO: China is cracking down on the country’s Twitter users

In its disclosure, the company said they reached out to users whose settings were changed due to the bug. However, Twitter is urging all Twitter for Android users to check their settings, as the company cannot confirm every account that the privacy flaw affected.

In a statement to Mashable, Twitter clarified that the users who could be affected would have had to change their settings (such as the account's email) within Twitter for Android.

The protected tweets feature allows users to lock down their Twitter accounts to the public. The user’s tweets are only shown to the account’s followers. Those who try to follow the account must first be approved by the user. Accounts with protected tweets cannot be retweeted. The now-fixed protected tweets issue would have made a user’s tweets publicly visible and allow any user to retweet or follow the account.

The timing of the bug's discovery could not have come at a more inopportune time for Twitter. The company is already under investigation for General Data Protection Regulation (GDPR) violations. The sweeping EU privacy law gives its citizens the right to request their personal data from companies. When Twitter turned down a request from a researcher looking for data related to the service’s short URL, the Irish Data Protection Commission (DPC) opened an investigation.

The DPC is aware of this Twitter for Android privacy issue, according to Bloomberg. Officials are currently looking into the matter and have not yet opened a second investigation into the company.

Under the GDPR, a company violating the law can face fines of up to 4 percent of its annual revenue. Twitter last reported $758 million in revenue during the third quarter of 2018 alone.

WATCH: Judge rules that Feds can't force a person to unlock their phones

Related posts

50 percent of Facebook users could be fake, report claims

Thewame Tech

How the tasty Impossible Burger is just the first step in a mission to combat an environmental crisis — MashTalk

Thewame Tech

Taxi-sharing at CES was a huge disappointment

Thewame Tech

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More