Twitter API Bug May Have Caused An Internal Data Leak

  • A bug in the Twitter API may have led to a large number of users having their data leaked.
  • The social media platform has already sent out a message informing them about the bug.
  • Many protected accounts may have been read by developers without authorization.

Twitter sent out an alarming message to its users today that informed them about a critical API bug. The bug may have led to a data leak by allowing developers on the platform access to direct messages of users with protected accounts.

The data leak was unintentional and was first identified on September 10 by Twitter. The bug has already been patched out, but the extent to which private messages have been seen by partnered developers is unknown. The social media platform went into detail on the bug today, explaining that the flaw may have allowed data to be sent to webhook URLs of the wrong developers.


Twitter informed users in its blog: “Our team has been working diligently with our most active enterprise data customers and partners who have access to this API to evaluate if they were impacted. Through our work so far, and the information made available to us by our partners, we can confirm that the bug did not affect any of the partners or customers with whom we have completed our review.”

For data to be misdirected, several conditions had to hold at once. Two or more registered developers on the Twitter API platform had to have API subscriptions tied to the same public IP, and the URL paths had to match exactly across those IPs. The information would also have to originate from the same server located in the social media giant’s data center. All of these factors combined make it nearly impossible that any personal data was seen by any of the developers.

Twitter has not found any evidence of a data breach. However, an investigation is still ongoing to fully assess whether any data was leaked at all. The social media platform has been drawn into controversy a lot lately over its ineffectiveness at dealing with fake news and hate speech. The microblogging platform has been actively trying to offer a better experience for users.
