Twitter Bug May Have Exposed Direct Messages

Twitter Goof-up: Twitter’s Third-Party App Bug Shared Users' Direct Messages to Unauthorised Developers

"If your account was affected by this bug, we will contact you directly through an in-app notice and on twitter.com," said the company.

The Account Activity API allows registered developers to build tools to better support businesses and their communications with customers on Twitter.

A bug affecting one of our APIs

On Monday, September 10, we identified a bug that may have sent one or more of your Direct Messages or protected Tweets (if your account was protected at the time) to Twitter developers who were not authorized to receive them.

Twitter is in full damage control mode after disclosing that it may have inappropriately exposed some unlucky twits' private tweets and direct messages to strangers.

The company said it had resolved the issue immediately upon discovering it, on 10 September.

According to Twitter, the coding blunder in its webhook system required a very specific set of circumstances to trigger. If a developer employed Twitter's Account Activity API (AAAPI), the subscriber could have been victimized by the bug.

On September 12, the Twitter staff also modified the way third-party apps can access images shared via direct messages, but this issue doesn't appear to be related to today's notification.

Twitter said it found no sign that hackers accessed the exposed data but advised users that they should enter a new password on all services where their current password has been used.

"Sorry, what?! My DMs may have been sent to developers for more than a year??" Mashable reporter Karissa Bell tweeted.

As stated earlier, if you were affected by the problem, you have already been contacted. "Your other DMs are not involved at all."

While Twitter states that they have no reason to believe the private information was misused, they are investigating the matter further. At the same time, the company is working with developers to ensure they delete any information they shouldn't have. "We will continue to provide updates with any relevant information."