Twitter has disclosed a bug for Android that disabled the "Protect your Tweets" setting if certain account changes were made since 2014.
Twitter said that users may have been impacted by this issue if they had protected Tweets turned on in their settings, used Twitter for Android, and made certain changes to account settings such as changing the email address associated with their accounts between November 3, 2014, and January 14, 2019. People on iOS or the web were not impacted.
The company said it fixed the issue on January 14, and promised to provide updates if other important information becomes available.
Twitter has informed people that were affected by this issue and have turned "Protect your Tweets" back on for them if it was disabled. The company encourages users to review their privacy settings to ensure that their “Protect your Tweets” setting reflects their preferences.
The social media site was already being investigated by Irish data protection authorities over the way it tracks people when they click links, and those officials are looking into this new data breach.
"The Irish Data Protection Commission (DPC) has been notified of this data breach and we are currently assessing its contents," the DPC said in a statement.
Companies whose privacy practises are found lacking face fines of 20 million euros or 4 percent of their annual global revenue from the year before, whichever is higher, under the General Data Protection Regulation (GDPR).