Connect with us

Technology

Twitter bug potentially exposed DMs to unauthorized developers for over a year

Published

on

Not good.
Not good.

Image: GETTY IMAGES/LEON NEAL

Well this isn’t good. 

Late Friday morning, Twitter notified a select group of users that some of their private messages might not have been exactly, well, private. The warning, issued to at least one Mashable reporter in the form of a popup within the mobile app, says the issue has been ongoing since May of last year. 

That’s right, this bug may have been exposing some of your direct messages for 16 months. 

“On Monday, September 10, we identified a bug that may have sent one or more of your Direct Messages or protected Tweets (if your account was protected at the time) to Twitter developers who were not authorized to received them,” read the message. “The issue has persisted since May 2017, but we resolved it immediately upon discovering it.”

Obviously, a bug that might have sent your DMs to developers — developers, a Twitter spokesperson confirmed, who do not work at Twitter — is no laughing matter, but there is some good news. 

According to the spokesperson, we don’t necessarily need to worry that some dude somewhere is reading the DMs you sent to your significant other. Instead, it appears that the only direct messages potentially affected were those you sent directly to companies. 

“This only involved conversations or DMs you would have had with companies or things that would have been powered by third parties,” the spokesperson explained over the phone. “It’s highly unlikely that this happened at all,” she added, noting that the company issued the warning out of a “complete abundance of caution.”

A Twitter blog post further clarified that “[any] party that may have received unintended information was a developer registered through our developer program.” 

“Less than 1 percent of users were potentially affected,” the spokesperson confirmed. 

Still, though, it’s possible you discussed private details — like travel plans or health information — over a DM with a company. Companies do offer customer support this way, after all. 

While any bug potentially exposing direct messages is terrible, this sounds like it could have been a lot worse. Regardless, it’s not exactly reassuring that your private messages can suddenly become not so private.

Maybe next time you need to message someone privately, do it right. Use Signal

Https%3a%2f%2fblueprint api production.s3.amazonaws.com%2fuploads%2fvideo uploaders%2fdistribution thumb%2fimage%2f85602%2f68351b5e b049 4363 94aa 3fb799f48542

!function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};if(!f._fbq)f._fbq=n;
n.push=n;n.loaded=!0;n.version=’2.0′;n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,
document,’script’,’https://connect.facebook.net/en_US/fbevents.js’);
fbq(‘init’, ‘1453039084979896’);
if (window.mashKit) {
mashKit.gdpr.trackerFactory(function() {
fbq(‘track’, “PageView”);
}).render();
}

Continue Reading
Advertisement Find your dream job

Trending