If you often use Twitter’s Circles feature, you might reconsider sharing sensitive information there. Several Twitter users have complained that their contributions to private Twitter Circles have been made public, exposing their most intimate thoughts and images to the whole Twitter community.
Twitter Circle is a feature that allows users to share tweets with a selected group of people, similar to Instagram’s Close Friends. However, a recent bug has exposed some of these private tweets to the public, causing embarrassment and potential harm to some users.
In this blog post, we will explain what happened, how to check if you are affected, and what steps you can take to protect your privacy and security on Twitter.
Think twice when you use Twitter Circle
According to reports, some Twitter users noticed that their Circle tweets were appearing on other people’s timelines, even if they were not in their Circle. This means that anyone could see their personal or sensitive information, such as opinions, gossip, or even nudes.
The bug was first reported by Twitter user @t3dotgg, who conducted an experiment by posting a Circle tweet asking anyone who saw it to like it. He received likes from users who were not in his Circle, confirming the bug.
TWITTER CIRCLES ARE COMPROMISED. I REPORTED ON THIS LAST WEEK. https://t.co/W0m7l1MIPb
— Theo – t3.gg (@t3dotgg) April 10, 2023
Another user also experiments with the bug and find out Twitter Circle is not safe.
I made a Twitter Circle with one person in it and posted this tweet for science. This was the result. Two people I don't follow saw the tweet & liked it. One of those people doesn't follow me either.
Twitter Circles aren't private. Don't post anything you want private in them. pic.twitter.com/p5uzlmIkuJ
— Ian Coldwater 📦💥 (@IanColdwater) April 10, 2023
The exact cause and extent of the breach are still unclear, but some researchers have suggested that it may be related to a previous hack that exposed 400 million users’ email addresses in December 2022. The hacker behind that attack had demanded $200,000 from Twitter to return the data but later released it for free on a hacker forum. The data did not include phone numbers, but it could be used for social engineering or doxing campaigns.
Twitter has not officially commented on the bug, as the company recently laid off its entire public relations team. However, some users have reported that the bug has been fixed, and their Circle tweets are no longer visible to others.
Twitter may face legal consequences for the breach, as it violates the EU’s General Data Protection Regulation (GDPR).
How to check if you are affected?
If you have used Twitter Circle to post any tweets that you would not want others to see, you may want to check if they have been exposed to the breach. One way to do this is to use a tool called TweetBeaver (https://tweetbeaver.com/), which allows you to download your entire tweet history as a CSV file. You can then search for any tweets that have the word “Circle” in them and see if they have any likes or retweets from users who are not in your Circle. Alternatively, you can also ask someone who is not in your Circle to check your profile and see if they can view any of your Circle tweets.
What steps can you take to protect your privacy and security on Twitter?
If you find out that the breach has exposed your Circle tweets, you may want to delete them as soon as possible. However, this may not be enough to prevent others from seeing them, as they may have been cached or archived by third-party services or websites. Therefore, you should also consider taking the following steps:
- Change your password and enable two-factor authentication on your Twitter account. This will help prevent unauthorized access to your account and protect your other personal information.
- Review your Circle settings and make sure you only add people you trust and know well. You can also remove anyone from your Circle who you no longer want to share tweets with.
- Be careful about what you post on Twitter, even if it is in a Circle. Remember that anything you post online can be leaked or hacked at any point, so avoid sharing anything that could harm your reputation, relationships, or safety.
- Report any suspicious or abusive activity on Twitter to the platform’s support team. You can also block or mute any users who harass or threaten you online.
- Seek legal advice if you think the bug has violated your rights. You may be entitled to compensation or other remedies under the GDPR or other laws.
Twitter Circle is a useful feature that can help you connect with a smaller group of people on the platform. However, as the recent data breach has shown, it is not foolproof and can expose your private tweets to others. Therefore, you should always be cautious about what you post online and take steps to protect your privacy and security on Twitter.
