Twitter bug shared some user’s location data without their consent

A Twitter bug caused the location data of some users to be collected and shared without their consent.

In a statement released Monday, Twitter revealed that users who ran multiple accounts from an iOS device could have been unknowingly giving up location information to a third-party company.

“Specifically, if you used more than one account on Twitter for iOS and opted into using the precise location feature in one account, we may have accidentally collected location data when you were using any other account(s) on that same device for which you had not turned on the precise location feature,” Twitter said.

Twitter claims that although it “intended to remove location data from the fields” sent to the third-party, which they described as a “trusted advertising partner” but declined to name, the removal “did not happen as planned.”

The social media company stressed, however, that the data collected “was no more precise than zip code or city (5km squared).”

“The partner did not receive data such as your Twitter handle or other unique account IDs that could have compromised your identity on Twitter,” the company added.

The data collected by the advertising company was reportedly deleted, although it remains unclear how exactly the data was used.

Twitter also declined to state when the bug was discovered, how long the collection lasted, and the exact number of affected accounts. The social media asserted though that it had contacted those involved to inform them that the bug had since been fixed.

READ MORE:

Mikael Thalen

Mikael Thalen

Mikael Thalen is a tech and security reporter based in Seattle, covering social media, data breaches, hackers, and more.