Twitter has alerted users that their direct messages to companies could have been disclosed. Today, Twitter officially notified some of its users that their conversations may have been exposed to unauthorized developers.
Twitter acknowledges that the problem began in May 2017, but it wasn’t until Monday, September 10, that the error allowing direct messages to be read by unauthorized developers was discovered. In some cases, encrypted account tweets were also affected.
The Twitter team claims that the problem has already been solved and there is no need for action on the part of users. The potentially affected users (less than 1% of users) have already been notified, both via the mobile app and via the web version of Twitter.
So far they have found no evidence that developers received this type of data, nor any evidence that they used this information inappropriately. However, there is no way to be sure that it did not happen.
One detail that has been made clear is that the disclosed tweets and direct messages are not those sent between users, but those involving companies or third-party services:
For those who have received notifications today, it only concerns possible interactions or direct messages you have had with companies that use Twitter for things like customer service or help.