Two Discontinued Software Development Kits Found Secretly Harvesting Data From Facebook And Twitter

While data harvesting has always been a problem for Facebook, a recent incident also involved Twitter. Reportedly, Facebook and Twitter confirmed how two discontinued software development kits (SDKs) harvested users’ data from these platforms.

Facebook and Twitter have once again made it to the news owing to an indirect data security incident. As revealed, two recently discontinued SDKs secretly harvested data from the two platforms.

Incident With Twitter

Twitter revealed that the malicious SDK from OneAudience allowed third-party app developers to harvest users’ data. According to CNBC, the apps exhibiting this behavior included Photofy and Giant Square.

According to Twitter’s security notice,

Twitter confirmed that the SDK harvested data for some Twitter for Android users. Whereas, Twitter for iOS users remained safe. Twitter is reportedly notifying Android users potentially impacted during this incident.

Moreover, they have also informed Google and Apple about the matter.

Incident With Facebook

Alongside Twitter, Facebook has also confirmed the security incident in its statement to CNBC. They have mentioned two malicious SDKs that harvested Facebook users’ data. While one of these is the same that affected Twitter, OneAudience, the other is from the data monetization platform MobiBurn.

Facebook also assured removing the apps from their platform which used the malicious SDKs. Also, they intend to inform the users affected during this incident.

Below is Facebook’s statement from their spokesperson to CNBC,

After the news surfaced online, the owners of both SDKs released their statements clarifying the matter. Both the firms assured that their SDKs were not intended to collect users’ data the way they did.

You Might Also Like