Category Archives: iOS

Twitter inadvertently collected and shared iOS location data

Twitter confirmed revealed that a bug in its iOS app it the root cause for an inadvertent collection of location data and sharing it with a third-party.

A new story of a violation of the user’s privacy made the lines, Twitter revealed that due to a bug is collected and shared iOS location data with a third-party advertising company,

Fortunately, only one partner of the micro-blogging firm was involved and the data collection and sharing occurred in certain circumstances.

“We have discovered that we were inadvertently collecting and sharing iOS location data with one of our trusted partners in certain circumstances.” reads the security advisory published by Twitter.

“Specifically, if you used more than one account on Twitter for iOS and opted into using the precise location feature in one account, we may have accidentally collected location data when you were using any other account(s) on that same device for which you had not turned on the precise location feature,”

Twitter admitted having failed into removing the location data from the information shared with the trusted advertising partner that was accessing it during real-time bidding process. 

The company pointed out that location data its shared could not be used to track individuals because it had implemented technical measures to “fuzz” the information. Twitter explained that shared was no more precise than zip code or city (5km squared).

Twitter did not share users’ handles or other unique account IDs, this means that it was impossible to link the identity of a specific user to a geographic location. 

“The partner did not receive data such as your Twitter handle or other unique account IDs that could have compromised your identity on Twitter.” continues the announcement.

“This means that for people using Twitter for iOS who we inadvertently collected location information from, we may also have shared that information with a trusted advertising partner,”

Another good news is that the partner did not retain the data that was deleted “as part of their normal process.” 

Twitter

Twitter has already fixed the issue and notified the incident to all the impacted users, anyway it did not reveal the extent of the incident either for how long it shared the data with its partner.

“We invite you to check your privacy settings to make sure you’re only sharing the data you want to with us. We’re very sorry this happened. We recognize and appreciate the trust you place in us and are committed to earning that trust every day,” concludes Twitter.

Pierluigi Paganini

(SecurityAffairs – privacy, data leak)

The post Twitter inadvertently collected and shared iOS location data appeared first on Security Affairs.

Twitter Bug Carelessly Shared Location Data of Some iOS Users

According to Twitter, a bug that revealed the user’s location information, and shared it with an unnamed Twitter partner has been fixed.

“We have discovered that we inadvertently collect and shared iOS location data with one of our trusted partners in certain circumstances,” the company said.

According to the blog posts, the bug only affects iOS users who are using the Twitter app who had a second account on their phone. If a user allows Twitter to access the accurate location information for an account, the settings will automatically be applied to other account, even if they do not share location data

Twitter also finds that the information collected is passed on to trusted partners to serve ads through a process known as real-time bidding. However, privacy issues have been resolved by stating that site data is “fuzzed” to reduce accuracy to the nearest zip code or city.

“We have confirmed with our partner that the location data has not been retained and that it only existed in their systems for a short time, and was then deleted as part of their normal process,” it stated on the help site.

Although Twitter did not announce when the data exchange took place, the social media company said it had notified affected users and asked users to review their privacy settings in the face of security incidents.

It should also be noted that this security issue is Twitter’s fourth mistake in the past year.

Last September, a bug in the Twitter API accidentally published a private message and protected tweets for developers who were not allowed to read.

In December, it was said that government-sponsored actors could have exploited the vulnerability in an online support form to retrieve the user’s country code and determine whether the Twitter account was suspended or not.

In January this year, Twitter found a security flaw in its Android app causing private tweets of an unspecified number of users to be publicly available since 2014.

In January of this year, Twitter experienced a vulnerability in its Android application that caused personal tweets to be publicly available to a number of unspecified users since 2014.

Source: https://www.zdnet.com/article/twitter-bug-shared-location-data-for-some-ios-users/

Related Resources:

Twitter Rolls Out Key Cybersecurity Improvement Vs. Hacking

Twitter to Stop Hackers from Spreading Secrets of 9/11 Attacks

Twitter’s Mobile Phone Integration Is Insecure

The post Twitter Bug Carelessly Shared Location Data of Some iOS Users appeared first on .