Location Data of Some Twitter Users Leaked

Location Data of Some Twitter Users Leaked

A bug in the iOS Twitter app impacted the privacy of its users.

Users of the Twitter iOS app may have had their location data made vulnerable due to a bug in the platform. 

"We have discovered that we were inadvertently collecting and sharing iOS location data with one of our trusted partners in certain circumstances," Twitter said.

The company says that the bug only appears in the iOS app and only with users who have added a second Twitter account to the platform on their smartphone. If they allowed Twitter to access precise location data on one account, then that setting was automatically applied to both accounts managed via the iOS app. 

This means that accounts that did not give consent to share location data, it was automatically turned on and shared with "a trusted partner during an advertising process known as real-time bidding."

Twitter says their company was the only one to receive the location data and that the advertiser was not privy to that information, which was provided "fuzzed" geo-location data that was scrambled to reduce accuracy.

"We have confirmed with out partner that the location data has not been retained and that it only existed in their systems for a short time, and then was deleted as part of their normal process," the company said on its help site.

This is the fourth Twitter bug disclosed on the Twitter platform in the past year. In September 2018, Twitter said an API bug inadvertently shared some users' private messages with developers of apps they did not authorize to receive the data. Other bugs included a nation-state hacking group accessing data and private tweets made public to all users in January 2019.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

New Products

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”