Twitter said Friday the item has patched a bug in which could have shared users’ private messages with software developers outside of the company.
The issue will be estimated to have impacted less than 1 percent of Twitter’s total user base, which includes 335 million monthly active users as of July. The company has hundreds of partner developers.
The company’s stock cost hit a day low of $28.49 following the bug’s disclosure. Twitter’s share cost closed at $28.50, down more than 4.5 percent on the day.
“We have no evidence to suggest in which any data was improperly misused or exploited anywhere,” a company spokeswoman told CNBC, emphasizing in which the bug could only occur if a series of complex criteria were met. “There’s virtually no possibility in which This kind of happened, however we still want to be thorough.”
Twitter said the item will be continuing to investigate the situation. The company said the item has also contacted third-party “developers who may have been impacted,” the company said in a blog post.
The bug impacted user data between May 2017 as well as Sept. 10, when the item was discovered. The bug was then fixed within hours, the Twitter spokeswoman said. The company waited to disclose the bug “to ensure we were providing the most accurate information,” she said.
No private messages between individual users were shared with external software developers, the Twitter spokeswoman said.
Some users reacted to the bug disclosure by tweeting out the notice they received by the company.
Here’s Twitter’s full statement:
We recently discovered a bug in our Account Activity API (AAAPI). This kind of API allows registered developers to build tools to better support businesses as well as their communications with customers on Twitter. If you interacted with an account or business on Twitter in which relied on a developer using the AAAPI to provide their services, the bug may have caused some of these interactions to be unintentionally sent to another registered developer. In some cases This kind of may have included certain Direct Messages or protected Tweets, for example a Direct Message with an airline in which had authorized an AAAPI developer. Similarly, if your business authorized a developer using the AAAPI to access your account, the bug may have impacted your activity data in error.
the item will be important to note in which based on our initial analysis, a complex series of technical circumstances had to occur at the same time with This kind of bug to have resulted in account information definitively being shared with the wrong source. More here.
- The bug ran by May 2017 as well as within hours of discovering the item on September 10, 2018, we shipped a fix to prevent data by being unintentionally sent to the incorrect developer.
- The bug affected less than 1% of people on Twitter.
- Any party in which may have received unintended information was a developer registered through our developer program, which we have significantly expanded in recent months to prevent abuse as well as misuse of data.
- If your account was affected by This kind of bug, we will contact you directly through an in-app notice as well as on twitter.com.
- We have contacted our developer partners as well as are working with them to ensure in which they are complying with their obligations to delete information they should not have.
- Our investigation will be ongoing. We will continue to provide updates with any relevant information.
We’re very sorry This kind of happened. We recognize as well as appreciate the trust you place in us, as well as are committed to earning in which trust every day. For more on our updated API policies as well as how to monitor the apps you are using on Twitter, see here as well as here.