Before Twitter Patch, Private Messages May Have Been Vulnerable

If you’re a Twitter user, you should know that the company recently announced that they had addressed a serious security flaw that could have allowed hackers to gain direct access to Direct or Private Messages users sent via Twitter.

If you seldom use that feature, then the impact to you would have been minimal in any case. If it’s something you use on a regular basis, then breathe a sigh of relief.

The company had this to say about the issue:

“We recently discovered and fixed a vulnerability in Twitter for Android related to an underlying Android OS security issue affecting OS versions 8 and 9. Our understanding is 96 percent of people using Twitter for Android already have an Android security patch installed that protects them from this vulnerability.

For the other 4 percent, this vulnerability could allow an attacker, through a malicious app installed on your device, to access private Twitter data on your device (like Direct Messages) by working around Android system permissions that protect against this.”

The company stressed that there’s no evidence this security flaw was ever exploited in the wild, and again, there’s nothing for you, as a Twitter user to do. The company has already handled it.

The discovery of the flaw though, comes on the heels of another recent, dramatic Twitter hack. In that hack, dozens of user accounts belonging to high-profile individuals were commandeered and used to bilk unsuspecting users out of more than $120,000 worth of Bitcoins.

If history is a good guide, and it usually is, this won’t be the last major security flaw the company finds and addresses in what remains of the year. Nonetheless, kudos to Twitter for finding the flaw and acting quickly to correct it before it could be exploited. Here’s hoping they can continue to find and correct them before the hackers can take advantage.