News Centre

Twitter Android Users Have All Private Tweets Exposed

Article by Diogo Correa
January 21, 2019

Twitter has now admitted to have accidentally revealed that Android users’ protected tweets were able to be seen for over 4 years. This is usually a mistake you’d expect Facebook to make.

Twitter gives you some good controls that can allow you to chose if you would like your tweets to be public or protected from the moment you sign up to the platform.  

If you chose to enable the “Protect your tweets” setting, this will make your tweets private, and you’ll receive a notification when new people try to follow you to view your tweets. Similar features are found on Facebook and Instagram. 

The company wrote on their ‘Help Center‘ on Thursday disclosing a privacy bug dating back to November 3, 2014, which potentially has caused the Twitter for Android app to disable the “Protect your Tweets” setting for users without the user knowing, making their “Private Tweets” visible for everyone to see.

This bug got triggered when Android users who made changes to their Twitter Twitter account settings, such as changing email addresses, phone number, passwords, things associated with information within their account, using the Android app between the dates of November 3,2014 and January 14, 2019.

“We recognise and appreciate the trust you place is us an are committed to earning that trust every day” Twitter said in their public statement. 

“We’re very sorry this happened, and we’re conducting a full review to help prevent this from happening again.”


Twitter has not specified exactly how many Android users were affected by this issue, 4 years is a long time duration, and it’s likely that most users have changed their account settings at least once in that period. 

The social giant also confirmed that on January 14, 2019, an update was rolled out for all Android app users to fix the programming blunder. Twitter also confirmed that known users have been contacted by the company regarding the technical fault.

however, since Twitter “Can’t confirm every account that may have been impacted,” it’s very important that you go to your “Privacy and Safety” settings of your app (especially if you’re using a work phone) and make sure the “Protect your Tweets” is enabled. 

The Twitter bug revelation came at the time when the social network is already under European Union investigation for violating the new General Data Protection Regulation (GDPR) rules.

The new law gives European citizens the right to request their personal data from companies, but when Twitter turned down a researcher’s request for data related to its short URL service, the Irish Data Protection Commission (DPC) opened an investigation.

It seems that the DPC is also aware of the latest privacy bug in the Twitter for Android app, and according to Bloomberg, the commission is currently looking into the matter.

Would like to discuss this article further? Contact us on Twitter, Facebook or LinkedIN Group.

Other Articles You May Enjoy:



Diogo Correa

Head of Sales

Diogo has a Bcom in International Business and has forged Technology deals for multiple Enterprise-Grade businesses along with government organisations, across Australia. He is passionate about technology and leading our clients into digital alignment through our innovative Technology Success Program that he has helped build from the ground up.

emotet trojan

New ‘Undetectable’ Email Virus Hits Australia

Compliance - Tech-Success

5 Ways To Stay Compliant With CLI Requirements

cyber liability deny claim

Top 5 Reasons Cyber Liability Companies Will Deny Your Claim

Tech Patrol - Computer Security

How to Assess the Value of Advanced Endpoint Security Solutions

Scroll to Top