Twitter issues patch for protected tweet bug fix on Sunday. Twitter protected accounts could be followed by people who added them via SMS rather than via the app or website. Twitter announced that a bug has affected 93,788 protected accounts, which allowed unauthorized users to read protected tweets. Bob Lord, Director of Information Security at Twitter says:
“We were alerted to and fixed a bug in our system that, for 93,788 protected accounts under rare circumstances, allowed non-approved followers to receive protected tweets via SMS or push notifications since November 2013. As part of the bug fix, we’ve removed all of these unapproved follows, and taken steps to protect against this kind of bug in the future.
While the scope of this bug was small in terms of affected users, that does not change the fact that this should not have happened. We’ve emailed each of these affected users to let them know about this bug and extend our whole-hearted apologies.
We also want to thank our white hat security community, a member of which helped us discover and diagnose the bug. These folks help us keep Twitter safe for everyone.”