Story image

Twitter says sorry about Android bug that lasted four years

22 Jan 2019

Twitter says it’s sorry to its Android app users, after it admitted last week that some tweets that were supposed to be private could have been exposed to the world.

What’s more, the bug has existed since November 2014 – which means those tweets could have remained public for more than four years.

The issue on the Twitter for Android app disabled the ‘Protect your Tweets’ setting when certain account actions like changing an email address.

Anyone who changed the email address they used to access their account between November 3, 2014 and January 14, 2019 could have been affected.

While the bug was fixed on January 14, Twitter says it will provide updates if more information becomes available.

“We've informed people we know were affected by this issue and have turned "Protect your Tweets" back on for them if it was disabled,” says Twitter in a statement.

“We are providing this broader notice through the Twitter Help Center since we can’t confirm every account that may have been impacted. We encourage you to review your privacy settings to ensure that your ‘Protect your Tweets’ setting reflects your preferences.”

Twitter has offered a direct line of communication to its data protection officer Damien Kieran through an online form that the company has set up.

“We recognise and appreciate the trust you place in us, and are committed to earning that trust every day. We’re very sorry this happened and we’re conducting a full review to help prevent this from happening again.”

Twitter users who access the service via the web or iOS were not affected by the bug.

It’s not the first time Twitter has been under fire for bugs and glitches – in May 2018 the company urged more than 330 million users to change their passwords after an internal glitch exposed those passwords in a log file.

The bug was due to a problem with password hashing. The process wrote passwords to an internal log before they were hashed.

Although no passwords were stolen or misused, Twitter made sure users were informed and asked them to change passwords anyway.

Twitter is also under investigation by the Irish Data Protection Commission for potential breaches of the European Union’s GDPR regulations. 

“In November, the Data Protection Commission opened a statutory inquiry into Twitter’s compliance with the relevant provisions of the GDPR following receipt of a number of breach notifications from the company since the introduction of the GDPR.”

Why an IT resilient strategy needs to be in the modern CIO’s toolkit
"Having an IT resilience strategy in place allows an organisation to smoothly adjust to change."
Tollring partners with Novum Networks for call analytics
Novum Networks has added the full complement of Tollring’siCall Suite cloud analytics to its product portfolio.
Intel announces “most powerful mobile processors ever”
Improvements in performance, responsiveness and Wi-Fi connectivity will be rolling out for gamers and creators alike.
Software AG launches new cloud-based IT portfolio management tool
“Alfabet FastLane’s out-of-the-box approach absolutely addresses the needs of smaller IT teams."
Slack's 2019 feature roadmap unveiled
Including shared channels across organisations, workflow automation, greater email and calendar integration, and streamlined search.
Data#3 wins learning and development award two years running
Chief Learning Officer magazine’s LearningElite programme honours the best organisations for learning and development.
Avaya partners with Standard Chartered to deliver CX transformation
"Avaya is proud to be supporting this venerable financial institution as it continues to evolve and transform to meet the needs of its clients.”
Hootsuite leads the social engagement charge - Forrester report
“Hootsuite leads the pack with its seller focus and scale,” writes Forrester principal analyst Mary Shea.