Tag Archives: security incident

Twitter Acknowledged Security Incident Affecting Twitter Circle Tweets

Back in April, several Twitter users were affected by a bug that showed private Twitter Circle tweets to random users in the For You tab. A month later, Twitter acknowledged the security incident and informed users in an email sent out on Friday that the bug has now been fixed, 9to5Mac reported.

Twitter Circle is a feature that works similarly to Instagram’s Close Friends, which lets you share posts with only the users you’ve chosen. As such, anyone can keep their account open to the public and still share tweets about their personal lives with their closest friends, for example.

But the bug that Twitter has now confirmed was causing these tweets to show up on the timeline of people who weren’t part of that Circle. Even worse, random users who didn’t even follow the affected accounts could see the tweets from private Circles.

TechCrunch also reported that a security error that made Circle tweets – posts that only go out to a small subset of trusted friends – surface publicly. TechCrunch reported the glitch in early April, but the platform confirmed the issue on May 5th in an email sent to Twitter Circle users.

According to TechCrunch, Twitter Circle has been buggy for months, which is concerning for a feature that people use to tweet things they don’t want to share with all of their followers. When we reported on the issue last month, numerous users had been tweeting that people outside of their circle were liking their private tweets; one user even said that she posted nude photos on her Circle, which slipped through the cracks and surfaced for unintended eyes.

Most often, it seemed that Circle tweets were being surfaced in the For You timeline to users who follow the poster, but were not in their Circle. Others reported that their Circle tweets were reaching even further than those who follow them.

Fortune posted the entire email that was sent out to Twitter Circle users:


We’re contacting you because your Twitter account may have been potentially impacted by a security incident that occurred earlier this year (April 2023).

What Happened

In April 2023, a security incident may have allowed users outside of your Twitter Circle to see tweets that should have otherwise been limited to the Circle in which you were posting. This issue was identified by our security team and immediately fixed so that these tweets were no longer visible outside of your Circle.

How to Protect Your Account

We take our responsibility to protect your privacy very seriously and it is unfortunate that this happened. While there’s no action for you to take specific to this issue, we invite you to visit our Public and Protected Tweets page… (A link to that page was posted here in the email.)

This is an automated mailbox. For any questions or concerns you may have about this incident, please reach out to Twitter’s Office of Data Protection through our Data Protection Inquiry Firm.

We recognize and appreciate the trust you place in us, and are committed to earning that trust every day.

Twitter Office of Data Protection

I don’t use Twitter Circle, and my personal account is private. As such, I have not been affected by this particular glitch. Those who had their Twitter Circle posts leak outside their Circle have a right to be upset about it, and I doubt Twitter’s email would make them feel any better.

Clearly, something broke in Twitter’s background, and that’s a problem. If Twitter Circle tweets are leaking out – it indicates that something has gone very wrong behind the scenes at Twitter. It feels like it has gotten into a downward spiral.