Twitter has begun informing users about a bug that exposed private direct messages to third-party developers “who were not authorized to receive them.” The company started informing users over the weekend about this bug that revealed direct messages to third-party developers. The company says that its investigation into the issue is ongoing.
“The issue has persisted since May 2017, but we resolved it immediately upon discovering it,” Twitter says, adding that “Our investigation into this issue is ongoing, but presently we have no reason to believe that any data sent to unauthorized developers was misused.”
Twitter will contact users affected by this bug directly through a notice displayed in the mobile app or on its website. It discovered the bug on September 10th and yet informed users about a fortnight later.
A spokesperson for the company mentioned to TechCrunch that it’s “highly unlikely” that any direct messages were sent to the incorrect developers at all. However, it’s merely informing users about this bug just to be sure.
It further added that only messages that were sent to brand accounts such as those of airlines or other businesses might be affected. The company’s investigation so far has revealed that “only one set of technical circumstances where this issue could have occurred.”
Filed in . Read more about Twitter.