Twitter recently disclosed an incident where a known bug was preventing users from logging out of their accounts. The company says it has directly informed the people who may have been affected by the incident and logged them out of any open sessions across devices. It also prompts them to log in again.
Spelling out the details in a blog post, the social-networking giant revealed that a bug introduced sometime in the last year was preventing users from being logged out of their accounts. It was prevalent, especially in cases where users had reset the password voluntarily.
A blog post on Twitter Privacy Center noted:
We want to let you know that we recently fixed a bug that allowed Twitter accounts to stay logged in from multiple devices after a voluntary password reset. In order to help ensure the safety and security of everyone that may have been affected, we’ve proactively logged people who may have been affected out of active sessions. We take our responsibility to protect your privacy very seriously and it is unfortunate this happened. While there is no action for you to take, we want to share more about the steps we’ve taken and best practices for keeping your account safe.
So, if you had proactively changed your password on one device, but still had an open session on another device, that session may not have been closed.
The company has assured its users that the issue has been fixed. However, it has logged out people who might have been affected by the bug. It regrets the inconvenience but considers the move an important step to keep its users’ accounts safe and secure from potential unwanted access.
Others who haven’t received any notification can still check out the controls available in their settings to review any active open sessions and close them.