Facebook and Twitter are set to announce a security breach after hundreds of users may have had their data improperly accessed after logging into certain apps. Some users of the social media giants may have had their data accessed after they used their accounts to log in to certain Android apps downloaded from the Google Play store. The companies received a report from security researchers who discovered the breach.
According to reports, a software development kit named oneAudience gave third-party developers access to personal data.
Data that may have been accessed includes email addresses, usernames, and the most recent tweets of people.
Users who used their Twitter accounts to access apps like Giant Square and Photofy are thought to be at risk.
“We think it’s important for people to be aware that this exists out there and that they review the apps that they use to connect to their accounts,” said Lindsay McCallum, a Twitter spokeswoman told CNBC.
Twitter said it would be informing users who were impacted and may have their personal data at risk.
The researchers are also believed to have informed other companies, including Apple, Facebook and Google about the breach.
A Facebook spokesperson told CNBC: “Security researchers recently notified us about two bad actors, One Audience and Mobiburn, who were paying developers to use malicious software developer kits (SDKs) in a number of apps available in popular app stores.
“After investigating, we removed the apps from our platform for violating our platform policies and issued cease and desist letters against One Audience and Mobiburn.
“We plan to notify people whose information we believe was likely shared after they had granted these apps permission to access their profile information like name, email and gender.
“We encourage people to be cautious when choosing which third-party apps are granted access to their social media accounts.”
This is a breaking story…more to follow