Twitter API Bug May Have Caused An Internal Data Leak

  • A bug in the Twitter API may have led to a large number of users having their data leaked.
  • The social media platform has already sent out a message informing them about the bug.
  • Many protected accounts may have been read by developers without authorization.

Twitter sent out an alarming message to its users today that informed them about a critical API bug. The bug may have led to a data leak by allowing developers on the platform access to direct messages of users with protected accounts.

The data leak was unintentional and was first identified by Twitter on September 10. The bug has already been patched, but the extent to which private messages have been seen by partnered developers is unknown. The social media platform went into detail on the bug today, explaining that the flaw may have allowed data to be sent to webhook URLs of the wrong developers.


Twitter informed users in its blog: “Our team has been working diligently with our most active enterprise data customers and partners who have access to this API to evaluate if they were impacted. Through our work so far, and the information made available to us by our partners, we can confirm that the bug did not affect any of the partners or customers with whom we have completed our review.”

For data to be shared with the wrong developer, several conditions had to hold at once. Two or more registered developers on the Twitter API platform had to share API subscriptions tied to the same public IP, and the URL paths had to match exactly across those IPs. The information would also have to originate from the same server located in the social media giant’s data center. All of these factors combined make it nearly impossible that any personal data was seen by any of the developers.

Twitter has not found any evidence of a data breach. However, an investigation is still ongoing to fully assess if any data was leaked at all. The social media platform has been dragged into controversy a lot lately over its ineffectiveness at dealing with fake news and hate speech. The microblogging platform has been actively trying to offer a better experience for users.
