Twitter said in a blog post it had recently found and fixed a vulnerability in its Android app that potentially could have exposed direct messages to hackers.
The company admitted the flaw while linking to the specific issue detailed in Android’s official blog. Alarmingly, the flaw dates back to October 2018.
Twitter said, “We don’t have evidence that this vulnerability was exploited by attackers,” and that it only affected devices running Android 8 Oreo and Android 9 Pie. It also claimed that 96% of Android users already have a security patch that corrects the bug.
“For the other 4%, this vulnerability could allow an attacker, through a malicious app installed on your device, to access private Twitter data on your device (like Direct Messages) by working around Android system permissions that protect against this,” the company added.
It’s not the best look for Twitter just weeks after a massive hack saw hackers scam the public out of Bitcoin by hacking the accounts of many verified celebrities such as Elon Musk, Jeff Bezos, Barack Obama, and even Twitter CEO Jack Dorsey.
If you’re at all worried, update Twitter on your phone. And maybe don’t send sensitive information over Direct Message, as the platform continues to show potential data privacy issues.