Twitter warns of direct messaging bug

Social media service Twitter has revealed a flaw could have allowed developers to see users’ direct messages and protected tweets.

The service has issued a warning to some users that a bug in one of their APIs (Application Programming Interface) may have allowed unauthorised developers access to private communications from May 2017 until early this month.


In a post explaining the security breach, Twitter’s help team said the bug was in its Account Activity API which allows authorised developers to create tools for users to manage their Twitter traffic.

Twitter discovered on May 10 that developers with similar website addresses may have received each other’s messages, exposing direct messages and protected tweets to third parties.

At this stage it is unclear how many users have been affected by the bug, but at this stage Twitter is claiming it is less than 1% of its user traffic.

The company did warn developers however that they are obligated to delete any information they shouldn’t have received.

Mumbrella has contacted Twitter for details on the number of local users and developers affected by the bug in Southeast Asia.


Get the latest media and marketing industry news (and views) direct to your inbox.

Sign up to the free Mumbrella Asia newsletter now.



Sign up to our free daily update to get the latest in media and marketing