Story image

Twitter says sorry about Android bug that lasted four years

22 Jan 2019

Twitter says it’s sorry to its Android app users, after it admitted last week that some tweets that were supposed to be private could have been exposed to the world.

What’s more, the bug has existed since November 2014 – which means those tweets could have remained public for more than four years.

The issue on the Twitter for Android app disabled the ‘Protect your Tweets’ setting when certain account actions like changing an email address.

Anyone who changed the email address they used to access their account between November 3, 2014 and January 14, 2019 could have been affected.

While the bug was fixed on January 14, Twitter says it will provide updates if more information becomes available.

“We've informed people we know were affected by this issue and have turned "Protect your Tweets" back on for them if it was disabled,” says Twitter in a statement.

“We are providing this broader notice through the Twitter Help Center since we can’t confirm every account that may have been impacted. We encourage you to review your privacy settings to ensure that your ‘Protect your Tweets’ setting reflects your preferences.”

Twitter has offered a direct line of communication to its data protection officer Damien Kieran through an online form that the company has set up.

“We recognise and appreciate the trust you place in us, and are committed to earning that trust every day. We’re very sorry this happened and we’re conducting a full review to help prevent this from happening again.”

Twitter users who access the service via the web or iOS were not affected by the bug.

It’s not the first time Twitter has been under fire for bugs and glitches – in May 2018 the company urged more than 330 million users to change their passwords after an internal glitch exposed those passwords in a log file.

The bug was due to a problem with password hashing. The process wrote passwords to an internal log before they were hashed.

Although no passwords were stolen or misused, Twitter made sure users were informed and asked them to change passwords anyway.

Twitter is also under investigation by the Irish Data Protection Commission for potential breaches of the European Union’s GDPR regulations. 

“In November, the Data Protection Commission opened a statutory inquiry into Twitter’s compliance with the relevant provisions of the GDPR following receipt of a number of breach notifications from the company since the introduction of the GDPR.”

GoCardless to double A/NZ team by end of year
With a successful E round of investment and continuing organic growth globally, the debit network platform company aims to expand its local presence.
NZ’s Maori innovators are on the rise
“More iwi investors need to recognise that these sectors will provide the high-value jobs our children need."
Phone ringing? This biohack wants you to bite down and ChewIt
So your phone’s ringing, but instead of swiping right or pushing a Bluetooth button you bite down on a tiny piece of tech that sits in your mouth.
How big data can revolutionise NZ’s hospitals
Miya Precision is being used across 17 wards and the emergency department at Palmerston North Hospital.
Time's up, tax dodgers: Multinational tech firms may soon pay their dues
Multinational tech and digital services firms may no longer have a free tax pass to operate in New Zealand. 
Spark’s new IoT network reaches 98% of New Zealand
Spark is the first company to confirm the nationwide completion of a Cat-M1 network in New Zealand.
WhatsApp users warned to change voicemail PINs
Attackers are allegedly gaining access to users’ WhatsApp accounts by using the default voicemail PIN to access voice authentication codes.
Robots to the fore – Key insights for New Zealand Business into RPA in 2019
From making artificial intelligence a business reality to closer ties to human colleagues, robotic process automation is gearing up for a strong 2019.