After weeks of denying the reports, Twitter has confessed that a privacy breach exposed to the public tweets that were never meant to be seen by anyone other than the poster’s closest contacts.
The site’s Circles feature allows users to create a private roster of contacts and send them tweets that only they can read. Similar to Instagram’s Close Friends setting, it enables users to share private thoughts, explicit images, and profane statements without jeopardizing their exposure to a larger audience.
However, in an email to affected users obtained by The Guardian, Twitter acknowledged that some tweets had evaded this containment. The email states, “A security incident earlier this year may have allowed users outside of your Twitter Circle to view tweets that should have been restricted to the Circle to which you were posting.”
Users can set a list of friends and tweet solely to them.
Users had reported for weeks that Circles tweets were obtaining likes and views from accounts that should not have access to them. The allegations were not acknowledged by Twitter, whose press office has been largely destaffed and set to automatically respond to requests for comment with a poop emoji.
Now, the company reports that the issue “was identified by our security team and immediately fixed so that these tweets were no longer visible outside of your Circle”
“Twitter is committed to protecting the privacy of those who use our service, and we understand the risks that an incident like this can introduce. We regret that this has occurred,” the company said.
The email did not address separate reports of similar privacy violations involving “private” accounts, whose tweets should not have been displayed to anyone other than their approved followers.
The feature lets users establish a list of pals and submit tweets only they can read.
Since Elon Musk acquired the company in late 2022, Twitter has lost at least 60 percent of its workforce through wave after wave of cutbacks. Musk stated that the site would not be reliable until a “complete rewrite” of the site’s underlying code was completed due to the numerous disruptions that have occurred during the same time frame.
Similar cost-cutting measures have resulted in the service no longer paying for office space, janitorial supplies, and web hosting, with varying degrees of success. Even as Musk attempted to implement a comprehensive return-to-work mandate, Twitter employees in Singapore and London confronted eviction due to unpaid rent.
In countries, such as Germany, where effective content moderation is a legal requirement, site-wide moderation team layoffs have exposed the company to enormous sanctions. The “systematic failure” of the social network to effectively moderate content enables for sanctions of up to €50 million per case, a German attorney told TechCrunch last month.