Facebook and Twitter have again exposed the user data of hundreds of people on Android to third-party app developers…
Social media giant Facebook and popular microblog Twitter have disclosed the user data of hundreds of people might have been improperly accessed by third-party developers to log into Google Play Store apps on Android.
Facebook and Twitter Exposed Hundreds of Users’ Data to Third-Party Developers
The issue was first reported by CNBC and has only identified Android as part of the compromise, with no indication iOS users being affected.
A Facebook spokesperson tells The Verge:
“After investigating, we removed the apps from our platform for violating our platform policies and issued cease and desist letters against One Audience and Mobiburn. We plan to notify people whose information we believe was likely shared after they had granted these apps permission to access their profile information like name, email and gender. We encourage people to be cautious when choosing which third-party apps are granted access to their social media accounts.”
Additionally, Twitter published a blog post, which in-part read:
“[the]…issue is not due to a vulnerability in Twitter’s software, but rather the lack of isolation between SDKs [software development kits] within an application.”
Twitter states it notified Google and Apple of the vulnerability.