#BugAlert: Twitter 'accidentally' made protected tweets public for five years
No, the platform has not been hacked (yet), but it has been marred by multiple data-risking bugs.
Just a few weeks ago, we witnessed a weird 'number-spoofing bug', and now, the microblogging site has acknowledged another vulnerability, one that exposed 'protected' tweets for about five years.
Here's more about it.
First up, you should know about protected tweets
If you have been using Twitter for a while, you would know that the platform offers a way to keep tweets protected.
Normally, your tweets stay public, but if you select an option called 'Protect your Tweets' in settings, the posts are visible to only your followers and the people you approve of.
This was the feature compromised by the bug.
So, how Twitter exposed these private tweets?
The vulnerability automatically disabled the 'Protect your Tweets' option for a number of people using Twitter for Android.
It was triggered as and when these users made certain account related tweaks through the mobile app, changes like switching the email associated with the account.
Their private tweets were exposed without any approval or even notice.
Love Tech news?
Stay updated with the latest happenings.
Yes, notify me
How many users have been impacted?
The bug existed on the platform for about five years and was fixed on January 14, Twitter said in its apology for the issue.
The company noted that any user who made account changes through the app during this period (and had protected tweets turned on) may have been impacted.
However, it did not give any insight into the true scale of the issue.
Full review underway, but it is recommended to check settings
Twitter is conducting a review of the incident but has assured that iOS and web users were not affected.
"We've informed people we know were affected by this issue and have turned "Protect your Tweets" back on for them if it was disabled," the company said, noting it can't confirm every account that may have been impacted. "We're very sorry this happened."
Most asked questions
How to check if this setting is on?
Askedby Surabhi Mehra
Did this bug leak any data?
Askedby Vishal Powar
What was the phone number spoofing bug?
Askedby Ishan Sengupta
Are there any other bugs?
Askedby Aanya Lobo