Twitter bug sent users’ direct messages to external developers

A bug in how Twitter’s platform is accessed by third-party app developers exposed certain direct messages of select users to developers who do not work for Twitter, the company disclosed in a blog post today.

Twitter says the bug was active starting sometime in May of 2017, and Twitter issued a fix within hours of discovering it on September 10th, 2018. It affected less than 1 percent of users, and the direct messages affected were those between users and accounts or businesses that relied on a certain API designed for customer service interactions. Twitter’s example is a direct message with an airline that uses a developer account to access the affected API, which is known as the Account Activity API (AAAPI).


from The Verge – All Posts https://ift.tt/2zn0nxo