Twitter Advises Users to Update Android App, Fixes Serious Security Vulnerability

Twitter says it has fixed its Android app's security vulnerability, and urges users to update.

Advertisement
By Indo-Asian News Service | Updated: 21 December 2019 19:16 IST
Highlights
  • It may have been possible for bad actor to access information on Twitter
  • Direct Messages, protected Tweets, location info may be compromised
  • Users are advised to update their Twitter for Android app

Twitter on Friday admitted a malicious code was inserted into its app by a bad actor

In an extremely stressful year for Internet users, Twitter on Friday admitted a malicious code was inserted into its app by a bad actor that may have compromised some users' information worldwide, including in India, as people woke up to an email from Twitter, warning them to update the app for Android. The vulnerability within Twitter for Android could allow the bad actor to see non-public account information or to control your account (send Tweets or Direct Messages), said an apologetic Twitter.

"Prior to the fix, through a complicated process involving the insertion of malicious code into restricted storage areas of the Twitter app, it may have been possible for a bad actor to access information (Direct Messages, protected Tweets, location information) from the app," Twitter said in a statement. Users should update their Twitter for Android app via Google Play.

Advertisement

The company said it does not have direct evidence that malicious code was inserted into the app or that this vulnerability was exploited, but it can't be completely sure. Twitter did not divulge the number of users affected too.

"We have taken steps to fix this issue and are directly notifying people who could have been exposed to this vulnerability either through the Twitter app or by email with specific instructions to keep them safe".

Advertisement

Twitter recommended updating to the latest version for Android as the issue did not impact "Twitter for iOS".

"We're sorry this happened and will continue working to keep your information secure on Twitter," said the company in the email sent to the Indian users, adding that those affected can also reach out to Twitter's Office of Data Protection, requesting information regarding their account security.

Advertisement

The new data breach in Twitter was reported two days after several Indian users saw warning pop-ups from Google on their mobile and desktop screens as they opened certain affected websites in the Google Chrome browser, alerting them about a data breach on the site or app they had visited which also exposed their passwords.

The Internet giant issued warning of data breach for users in India and globally after fixing the Chrome 79 bug and re-issuing it for the public.

Advertisement

"Change your password. A data breach on a site or app exposed your password. Chrome recommends changing your password for the site," read the warning pop-up.

Twitter has faced several vulnerabilities on its platform in the recent past.

In May, Twitter disclosed a bug that shared some iOS users' data with an unnamed partner, even if the users did not opt to share data. The bug affected Twitter's iOS user base and they were notified about the issue.

In February, a bug in Twitter exposed private tweets of some Android users for over five years when they made changes in their settings, like changing the email address linked to their accounts.

The vulnerability disabled the "Protect your Tweets" setting if certain account changes were made on Android devices.

In a mega data breach last year, the micro-blogging platform alerted all users to change their password after it discovered a bug that stored passwords in plain text in an internal system.

"Out of an abundance of caution, we ask that you consider changing your password on all services where you've used this password," said Parag Agrawal, Chief Technology Officer at Twitter.

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: Twitter, Data Breach, Google
Advertisement

Related Stories

Popular Mobile Brands
  1. Flipkart GOAT Sale: Top Early Deals on Smartphones, Tablets and More
  2. Asus Vivobook 15 (2026) Launched in India Ahead of Amazon, Flipkart Sale Events
  3. Top Deals on Fitness Trackers, Smart Rings in Amazon Prime Day Sale 2026
  4. Alienware 15 Arrives in India as Dell's Most Affordable Gaming Laptop Yet
  5. Amazon Prime Day Sale: Early Deals on Smartphones From Top Brands Revealed
  6. iPhone 18 Pro Max Might Arrive With Apple's Biggest Battery Yet
  7. Here's Our First Look of the Nothing Phone 4b 'RCB Edition' Variant
  8. Vivo X500 Camera Details Surface Online After X500 Pro Max Leaks
  9. Amazon Prime Day 2026: Best Deals on Smartphones Under Rs. 30,000
  1. Sony Reportedly Restructures Disc Factory After Announcing End of Physical Game Discs on PlayStation
  2. Redmi 17 5G NCC, SIRIM Certification Listings Reportedly Reveal Battery and Charging Details
  3. Samsung Galaxy S27, Galaxy S27+ Said to Feature 'Privacy Display'; Ultra Model Might Get Selfie Camera Upgrade
  4. Asus Vivobook 15 (2026) With Intel Core 5 Series 3 CPU Launched in India: Price, Features
  5. Bitcoin Climbs Above $61,600 as Weak US Jobs Data Boosts Crypto Investor Sentiment
  6. iPhone 18 Pro Max Might Arrive With Apple's Biggest Smartphone Battery to Date, Latest Leak Suggests
  7. Vivo X500 Camera Specifications Leaked; 64-Megapixel Periscope Telephoto Camera Tipped
  8. Lenovo Legion Y700 AI Tablet Confirmed to Launch in August; Company Teases Gaming Tablet's Design
  9. iPhone 18 Pro to Feature Apple's C2 Modem Globally, Qualcomm Chip in the US: Report
  10. Xbox Will Reportedly Allow Users to Digitise Physical Games, Ship Project Helix Without Disc Drive
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.