Story image

Twitter says sorry about Android bug that lasted four years

22 Jan 2019

Twitter says it’s sorry to its Android app users, after it admitted last week that some tweets that were supposed to be private could have been exposed to the world.

What’s more, the bug has existed since November 2014 – which means those tweets could have remained public for more than four years.

The issue on the Twitter for Android app disabled the ‘Protect your Tweets’ setting when certain account actions like changing an email address.

Anyone who changed the email address they used to access their account between November 3, 2014 and January 14, 2019 could have been affected.

While the bug was fixed on January 14, Twitter says it will provide updates if more information becomes available.

“We've informed people we know were affected by this issue and have turned "Protect your Tweets" back on for them if it was disabled,” says Twitter in a statement.

“We are providing this broader notice through the Twitter Help Center since we can’t confirm every account that may have been impacted. We encourage you to review your privacy settings to ensure that your ‘Protect your Tweets’ setting reflects your preferences.”

Twitter has offered a direct line of communication to its data protection officer Damien Kieran through an online form that the company has set up.

“We recognise and appreciate the trust you place in us, and are committed to earning that trust every day. We’re very sorry this happened and we’re conducting a full review to help prevent this from happening again.”

Twitter users who access the service via the web or iOS were not affected by the bug.

It’s not the first time Twitter has been under fire for bugs and glitches – in May 2018 the company urged more than 330 million users to change their passwords after an internal glitch exposed those passwords in a log file.

The bug was due to a problem with password hashing. The process wrote passwords to an internal log before they were hashed.

Although no passwords were stolen or misused, Twitter made sure users were informed and asked them to change passwords anyway.

Twitter is also under investigation by the Irish Data Protection Commission for potential breaches of the European Union’s GDPR regulations. 

“In November, the Data Protection Commission opened a statutory inquiry into Twitter’s compliance with the relevant provisions of the GDPR following receipt of a number of breach notifications from the company since the introduction of the GDPR.”

Safety solutions startup wins ‘radical generosity’ funding
Guardian Angel Security was one of five New Zealand businesses selected by 500 women (SheEO Activators) who contributed $1100 each.
Hands-on review: The ruggedly tough CAT S61 smartphone
The driveway beckoned me, so I dropped the phone several times.  Back in the study, close examination has failed to reveal a single scratch.
How printing solutions can help save the planet
Y Soft has identified five key ways organisations can become more economical and reduce their environmental impact.
Is NZ’s tech industry starting to mature?
Technology is New Zealand’s fastest growing and third biggest industry.
How Kiwibank aims to enable greater digital inclusion
"Online tools can offer a more convenient and cheaper customer experience, but there can be barriers to usage."
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Inland Revenue to shut down services later this week
“There’s never an ideal time to shut down the tax system but we’re confident the changes will make any inconvenience worthwhile.”
NZ managers prefer intuition to big data, Massey study finds
Many senior managers in New Zealand businesses have an inherent distrust of big data, opting instead to rely on their own intuition.