Location Data of Some Twitter Users Leaked

Location Data of Some Twitter Users Leaked

A bug in the iOS Twitter app impacted the privacy of its users.

Users of the Twitter iOS app may have had their location data made vulnerable due to a bug in the platform. 

"We have discovered that we were inadvertently collecting and sharing iOS location data with one of our trusted partners in certain circumstances," Twitter said.

The company says that the bug only appears in the iOS app and only with users who have added a second Twitter account to the platform on their smartphone. If they allowed Twitter to access precise location data on one account, then that setting was automatically applied to both accounts managed via the iOS app. 

This means that accounts that did not give consent to share location data, it was automatically turned on and shared with "a trusted partner during an advertising process known as real-time bidding."

Twitter says their company was the only one to receive the location data and that the advertiser was not privy to that information, which was provided "fuzzed" geo-location data that was scrambled to reduce accuracy.

"We have confirmed with out partner that the location data has not been retained and that it only existed in their systems for a short time, and then was deleted as part of their normal process," the company said on its help site.

This is the fourth Twitter bug disclosed on the Twitter platform in the past year. In September 2018, Twitter said an API bug inadvertently shared some users' private messages with developers of apps they did not authorize to receive the data. Other bugs included a nation-state hacking group accessing data and private tweets made public to all users in January 2019.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

New Products

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure.