Twitter API Bug
Twitter sent a message to its users regarding an API bug. According to Twitter, it identified a bug on September 10 that potentially allowed direct message and protected accounts to be read by “Twitter developer who was not authorized to receive them.”
Twitter retrieve more detail about the bug on its Developer Blog, explaining that it could have allowed the data it is sent to the wrong developer’s webhook. If it did glow up, a person’s account activity would be routed to the wrong third-party application rather than apps connected to their account. Thus, the copies of the original message and protected tweet would get to hands whoever built the application that incorrectly receives that information.
“It is important to note that based on our initial analysis, a complex series of unusual circumstances had to occur at the same time for this bug to have resulted in account information being shared with the wrong source, but the company is still undergoing an investigation.
Twitter sent a message to its users regarding an API bug. See what is in that message
Affected users are being informed by a message that appeared when opening the app or logging into Twitter’s website
Twitter says it will patch a bug
Twitter said it would repair the damage caused by a bug that could have shared users private data with software developers outside of the company.
The issue is estimated to have impacted not more than 1% of the total Twitter’s users base, which includes 335 million monthly active users. Twitter has hundreds of thousands of partner developers.
Twitter said we have no such evidence to suggest that any data was mistreated or exploited anywhere, a company agent told CNBC, emphasizing that the bug could only occur if a series of all criteria is TRUE, but the company is still undergoing an investigation.