Sunday, July 14, 2024

Twitter Flaw Exposes Private Circle Tweets to Public

According to reports, there has been a security incident with Twitter’s Private Circle tweets feature as they have been exposed publicly.

Twitter’s Private Circle was a feature introduced by Twitter in 2022, in which users can send their tweets to a particular set of people (maximum of 150 members) which keeps their tweets within the close circle away from the public.

In Twitter’s help center, a question was answered, “Who can see my Twitter circle tweets?”. The answer to this question, as mentioned by Twitter, was, “People who are currently in your Twitter Circle can see any Twitter Circle Tweets you’ve shared as well as any non-protected replies to those Tweets. If a circle member keeps a protected account, only the followers in your Twitter Circle can see their replies.

Your friend’s Twitter Circle will not be able to see any part of the conversation unless your circles share common members.”

However, a tweet that resurfaced nearly a month after from a Twitter user SL (@slbad_) denotes that private tweets were being exposed to the public and the Twitter circles feature was facing a bug.

Following this, Twitter contacted every user and mentioned that there had been a ‘security incident’ on the display of private circle tweets.

In the security incident notification from Twitter, they mentioned, 

“We’re contacting you because your Twitter account may have been potentially impacted by a security incident that occurred earlier this year (April 2023)”. 

In April 2023, a security incident may have allowed users outside your Twitter Circle to see tweets that should have been limited to the Circle you were posting. Our security team identified this issue and immediately fixed it so these tweets were no longer visible outside your Circle. 

We’ve conducted a thorough investigation to understand how this occurred and have addressed this issue. Twitter is committed to protecting the privacy of the people who use our service, and we understand the risks that an incident like this can introduce and deeply regret this happened.”

Ever since the takeover of Twitter by Elon Musk, there have been several changes and issues going on with Twitter and its users. Adding to them, the exposed private circle tweets have also affected the platform. 

However, this issue came to light after Musk made an algorithm recommendation change on Twitter last month. He mentioned that the algorithm will be updated every 24 to 48 hours.

Twitter has been working on resolving this and several other issues they have been facing recently.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus


Latest articles

mSpy Data Breach: Millions of Customers’ Data Exposed

mSpy, a widely used phone spyware application, has suffered a significant data breach, exposing...

Advance Auto Parts Cyber Attack: Over 2 Million Users Data Exposed

RALEIGH, NC—Advance Stores Company, Incorporated, a prominent commercial entity in the automotive industry, has...

Hackers Using ClickFix Social Engineering Tactics to Deploy Malware

Cybersecurity researchers at McAfee Labs have uncovered a sophisticated new method of malware delivery,...

Coyote Banking Trojan Attacking Windows Users To Steal Login Details

Hackers use Banking Trojans to steal sensitive financial information. These Trojans can also intercept...

Hackers Created 700+ Fake Domains to Sell Olympic Games Tickets

As the world eagerly anticipates the Olympic Games Paris 2024, a cybersecurity threat has...

Japanese Space Agency Spotted zero-day via Microsoft 365 Services

The Japan Aerospace Exploration Agency (JAXA) has revealed details of a cybersecurity incident that...

Top 10 Active Directory Management Tools – 2024

Active Directory Management Tools are essential for IT administrators to manage and secure Active...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles