1. ITV Report

Twitter bug leaves protected accounts exposed for four years

Twitter has admitted there was an issue in its system for four years. Credit: AP

Twitter has admitted a bug in its system left tweets on protected accounts exposed for more than four years.

The social media platform said it resolved the issue earlier this week after it discovered users who signed in on Android devices were vulnerable to the breach.

The problem occurred on some accounts between November 3, 2014 and January 14, 2019 before it was addressed by Twitter's engineers.

  • Who did the breach affect?

The breach affected users with private accounts - the social media platform allows users to tweak there settings so only people they choose are able to see what they tweet.

Twitter said that the issue affected users who used its Android app to sign into their accounts. The app is reportedly the third most popular app on the Google-developed platform.

Twitter stressed that the issue only affected users of Twitter for Android and not those on Apple's iOS or using Twitter on the web.

The issue affected Twitter users who had installed the Android app and logged into private accounts. Credit: PA
  • How many people were affected by the breach?

Twitter hasn't publicly released data on how many accounts the bug affected - but the number could be significant.

Android Rank, a website that accumulates statistics on the performance of apps on the platform, estimates that the app has been installed more 885 million times.

Data on the website shows that up to more than 500 million of these installs were in the period when the bug affected user's accounts.

The social network says it has now fixed the issue. Credit: PA
  • What has Twitter done about it?

The social media network says it has reached out to users affected by the breach to let them know what has happened.

The social network is urging people to review their account's privacy settings as it is not able to confirm every account using Android that may have been affected.

In a statement on its help page, the network said: "We recognise and appreciate the trust you place in us, and are committed to earning that trust every day.

"We're very sorry this happened and we're conducting a full review to help prevent this from happening again."