Twitter appears 'error' that causes user information to be approached by third-party advertising providers
The vulnerability has been successfully patched on August 5, 2019, and no significant damage has been reported.
Recently, a Twitter micro blog has officially revealed that some third-party advertising partners have tried to abuse a flaw in the system of this social media platform to extract information. trust users without the account holder's consent. These can be considered relatively serious internal data violations.
- More than 1 million payment card information from Korea is sold on Dark Web
This vulnerability was first known for more than 1 year ago
The vulnerability has been successfully patched on August 5, 2019, and no significant damage has been reported. Twitter commits to users that they will closely monitor the case and send a detailed notice of the actual situation to all accounts affected by the ad vendors' unauthorized data collection behavior. 3rd party. @TwitterSupport's official notice is as follows:
'A small security flaw that appears on the Twitter platform for iOS has inadvertently allowed 3rd party advertising providers to collect and share user location data. We have now patched it, and will be sure to provide all details related to the incident to the affected accounts'.
According to the investigation, the existence of this vulnerability was known to some of Twitter's advertising partners for the first time since May 2018, but Twitter did not have the necessary remedies. At that time, the micro-blog site still did not know the specifics of the incident.
The location data of each account is usually stored 'safely' by Twitter in the user database as part of the data security policy, but in fact, it is not possible to confirm whether advertisers Is this partner of the social networking site granted access to that database?
- British Airways has a systematic, delaying 'error' at many airports in the UK, customers dumping stones on Twitter
If confirmed to violate GDPR, Twitter may have to accept a heavy penalty from the EC
User location data is often used for account recovery processes, and is not designed, nor is it a 'commodity' type that may be allowed to 'sell' to advertisers. However, the investigation results show that when Twitter user accounts are affected by the vulnerability mentioned above, extracting location data can even be done arbitrarily by an advertising partner of Twitter even when users disagree (most are unaware).
More than a year ago, the European Commission (EC) issued and enforced a drastic Regulation on General Data Protection (GDPR) for all EU member states, as well as all companies. has been serving EU citizens since May 25, 2018. A lot of big players in the internet service sector have been "stunned", including Facebook, Google, and Microsoft. Billions of dollars in fines have been imposed, and if the data breach proves to be from the subjective error of Twitter and is related to EU citizens, a heavy penalty is likely to be imposed. use. It took more than a year to confirm the existence of the vulnerability, and it certainly included account information of an EU citizen.
- Apple, Google, Microsoft, Facebook and Twitter will join a large-scale shared data project
'We may have shown you ads based on inferences regarding the device you use even without consulting. However, this is only part of the algorithm testing process to provide more relevant advertising for Twitter users and our other services since September 2018 'Twitter team explained.
Investigations are ongoing and targeting technology teams inside and outside this social networking site to determine the full range of vulnerabilities, even Twitter's partners are within. sight.
For its part, Twitter pledged that any new findings would be publicly disclosed immediately, without exception.
- Customer data collected during Capital 14's 14 years was stolen
Investigations aimed at Twitter and partners are being actively implemented
Twitter users who want to contact this social networking site representative to update more specific information can use the customized form provided by the company. All are still in the process of being investigated and we will notify you as soon as we have the latest information.
You should read it
- Download data from social networks to the hard drive
- What data has been collected from major technology companies from users?
- 'Red alert' after the hack targeted Twitter, Facebook removed the feature matching contacts with phone numbers in Messenger
- Backup personal data on Facebook, Twitter and Google+
- Twitter was cut down by 17-year-old hacker
- Set up 2-layer security for Twitter accounts
- Twitter users: Less stressed
- 13 useful shortcuts that Twitter users need to know
- Instructions for using Twitter for new users
- Twitter AI can automatically identify the most important image area
- Tricks or certain Twitter users should not be ignored
- Twitter has a problem, many users cannot login
Maybe you are interested
14 Windows applications and software needed on new machine How to fix Android error does not ring when a call is made Synology NAS DS918 +: Powerful configuration, great scalability Learn to use a 21 computer - Bring important data with you How to prevent heat for laptops effectively Data recovery from the Lion server on Lion is faulty