Location Data of Some Twitter Users Leaked
A bug in the iOS Twitter app impacted the privacy of its users.
- By Sydny Shepard
- May 15, 2019
Users of the Twitter iOS app may have had their location data made vulnerable due to a bug in the platform.
"We have discovered that we were inadvertently collecting and sharing iOS location data with one of our trusted partners in certain circumstances," Twitter said.
The company says that the bug only appears in the iOS app and only with users who have added a second Twitter account to the platform on their smartphone. If they allowed Twitter to access precise location data on one account, then that setting was automatically applied to both accounts managed via the iOS app.
This means that accounts that did not give consent to share location data, it was automatically turned on and shared with "a trusted partner during an advertising process known as real-time bidding."
Twitter says their company was the only one to receive the location data and that the advertiser was not privy to that information, which was provided "fuzzed" geo-location data that was scrambled to reduce accuracy.
"We have confirmed with out partner that the location data has not been retained and that it only existed in their systems for a short time, and then was deleted as part of their normal process," the company said on its help site.
This is the fourth Twitter bug disclosed on the Twitter platform in the past year. In September 2018, Twitter said an API bug inadvertently shared some users' private messages with developers of apps they did not authorize to receive the data. Other bugs included a nation-state hacking group accessing data and private tweets made public to all users in January 2019.
Sydny Shepard is the Executive Editor of Campus Security & Life Safety.