Facebook and Twitter warn some users’ private data was accessed via third-party app SDK
The State of Security
Facebook and Twitter have announced that personal data related to hundreds of users may have been improperly accessed after users logged into third-party Android apps with their social media accounts.
According to a report by CNBC, users of Android apps that made use of a software development kit (SDK) named oneAudience may have unwittingly shared information such as their email addresses, usernames and recent tweets.
CNBC says that amongst the offending Android apps are the photo-editing tools Giant Square and Photofy. Presently there is no indication that iOS users are affected by the issue.
According to an advisory published by Twitter, data extracted from accounts via the use of the oneAudience SDK (which it describes as “malicious”) in a smartphone app could be used to take control of a Twitter account, although it has seen no evidence that this has occurred.