Facebook and Twitter have recently revealed that hundreds of users’ data may have been affected. How? By users allowing specific Android apps to have access to their social media accounts. The companies received a report from a security researcher who discovered that the app, One Audience, was able to access personal data from a mobile device.
The third-party application could access personal information including usernames, email addresses, recent tweets, and possibly take control of a user’s Twitter account. However, there was no evidence of someone taking control of any accounts. Other third-party apps that are under scrutiny are Giant Square, Photofy, and Mobiburn.
A spokesman from Twitter stated that this vulnerability is due to a lack of isolation between the software development kit in an application. They determined that Android users were affected by the vulnerability, but not iOS users.
Twitter also mentioned in their recent press release:
“We will be directly notifying people who use Twitter for Android who may have been impacted by this issue. There is nothing for you to do at this time, but if you think you may have downloaded a malicious application from a third-party app store, we recommend you delete it immediately. You can see a list of all third party apps you have authorized to your Twitter account here, if you don’t recognize any of them or if you no longer use them, we recommend revoking their access to keep your account secure.”
It is crucial to recognize which apps you are allowing to connect to your social media accounts and data. A Twitter spokesman stated that you should know what apps you allow to access any of your apps. The company plans on reaching out to Google, Apple, and industry partners about the vulnerability so that they can take further action.
As always, make sure you are aware of social media apps that are being affected by these types of security breaches. Keeping apps updated and using the latest security features will keep your personal data safe.