Malicious third-party software-development kits may have been used to access user data from some users on Twitter and Facebook.
Security researchers notified the two social networks about the potential vulnerability, and Twitter and Facebook, in turn, alerted Google and Apple so that they could take steps to secure their respective application stores.
Kate Rooney and Salvador Rodriguez of CNBC reported that people who used their credentials from the social networks to login to and access third-party apps including Giant Square and Photofy may have been impacted, and that the malicious SDKs were traced to mobile intelligence platform oneAudience and app monetization provider MobiBurn.
Twitter only cited oneAudience in a Help Center post alerting users about the issue, saying, “This issue is not due to a vulnerability in Twitter’s software, but rather the lack of isolation between SDKs within an app.
WORK SMARTER - LEARN, GROW AND BE INSPIRED.
Subscribe today!
To Read the Full Story Become an Adweek+ Subscriber
Already a member? Sign in