Twitter reported on Friday that a “bug” sent users’ private direct messages to third-party developers. The social media site stated that the issue has been going on since May 2017, but they were able solve the problem immediately upon discovery.
Twitter notified users of the bug last week, but do not believe that any of the information compromised was misused by developers. The investigation is ongoing, however many users took to the platform to express their concerns.
The bug was discovered on September 10th, but it took Twitter almost 2 weeks to inform users.
“If your account was affected by this bug, we will contact you directly through an in-app notice and on twitter.com,” said the Twitter statement.
The bug reportedly only affected 1 percent of Twitter users, however there are 335 million users on the platform.
This is the second data-related issue Twitter has reported this year. In May, the site urged users to change their passwords due to a bug that stored the passwords in plain text instead of encrypting them. Twitter reported that they had “no reason to believe the password information ever left Twitter’s system.” However, the social media giant failed to provide technical data to support this claim.
With all of the password and data breaches it is important set up two-factor authentication. Two-factor authentication is a second layer of security to protect your information from hackers. For example, a form of two-factor authentication is when sites send you a code via text or email to confirm your identity after you log in.
If someone is trying to access your account you can deny them access and immediately change your password. For more information on how to set up two-factor authentication for your Twitter account click here.
Another useful tool is a password manager such as LastPass or 1Password. These password managers store the password credentials for all of your sites and keep them safe… even when sites like Twitter fails to do so.
Contact The TNS Group today for more information about two-factor authentication and password managers.