Twitter fixes bug that may have compromised developers’ accounts
Twitter has alerted developers of a bug it discovered and fixed that may have compromised their accounts.
In an email sent to developers, the micro-blogging platform said the bug was discovered where information about your Twitter developer apps may have been stored in your browser’s cache when you visited developer.twitter.com
“While we currently have no evidence that your developer app keys and tokens were compromised, we want to make sure you are aware of what happened and what you can do to keep your apps and account secure,” read the email posted on Twitter by Dave Gershgorn, senior writer for Medium’s OneZero.
The developer.twitter.com website is the portal where developers manage their Twitter apps and attached API (Application programming interface) keys.
“If someone who used the same computer after you in that temporary timeframe knew how to access a browser’s cache, and knew what to look for, it is possible they could have accessed the keys and tokens that you viewed,” Twitter said.
“Depending on what pages you visited and what information you looked at, this could have included your app’s consumer API keys, as well as the user access token and secret for your own Twitter account,” it added.
Twitter fixed the issue by changing what content gets cached when users access the developer.twitter.com portal.