December 20, 2019 — Twitter just fixed a vulnerability that could have led to the breach of account security of the users signed in on its app on Android. The social media platform says that it has not found any evidence that the vulnerability was misused, and is taking all necessary precautions to avoid future risks of similar kind.
In a blog post, Twitter says that while iOS users were not affected, the vulnerability could have allowed hackers to get access to the restricted areas of the app like direct messages, protected tweets and location information, and could have enabled them to send tweets and direct messages as well. The blog mentions that it would have required the hacker to go “through a complicated process involving the insertion of malicious code” into the app. However, the vulnerability was identified and subsequently fixed.
Twitter sent this prompt to Android users who could have been affected:
The massive data collected and stored by social media platforms on their users is constantly at risk of being breached due to the value that it entails. Hackers use it to either pose harm on individual level, or use the set of information for other reasons like advertising which has, in the past, been found to have played a crucial role in disrupting democratic processes around the world.
Governments in countries with strong data protection policies are taking increased interest in regulating these platforms that have, for the longest time, enjoyed immunity due to their virtual nature. Whereas, digital platforms are being more active in taking measures to protect user data they collect. But with technology constantly evolving, hackers and data miners are also adopting sophisticated methods of collecting digital data. In situations like this, the onus of security of user information through strong policies and privacy-by-default business model falls on both the governments and the platforms, respectively.
Hija is a Programs Manager at Media Matters for Democracy. She combines her experience in digital rights in Pakistan to lead digital rights and internet governance advocacy of MMfD. She tweets at @hijakamran