Vine Archive Bug Revealed User E-mails & Phone Numbers

May 19, 2017 - Written By Daniel Golightly

Users of the now-defunct, Twitter-owned Vine social network may want to be on the lookout for an email from Twitter after a bug exposed an unreported number of the social network’s users’ data. The information was inadvertently shown to third parties “under certain circumstances” for a full 24 hours and included users’ e-mail addresses and phone numbers. For now, Twitter says that is the only information known to have been compromised but that an email is being sent out to all affected users. If you see a message from Twitter in your inbox, you may want to take a look.

Meanwhile, the company has also come forward with a statement on May 19 revealing that the bug itself came through the Vine archive, rather than through the Vine camera application. No password data was taken and Twitter has not seen any indication that the exposed data was misused in any way. With that out of the way, the company is also quick to remind users that any email from or pertaining to Vine will come from “@Twitter.” Users should also be on the lookout for suspicious text messages or emails about the service containing attachments or that request a password since Twitter will never do either of those two things and such messages likely contain malware or are being used as part of a phishing attempt. For a more in-depth explanation of suspicious activity to watch for, the company requests that users check the Twitter help center pages and the federal trade commission’s online guide to phishing.

Vine was, primarily, a short looping video sharing application and service which, as Twitter puts it, “inspired and entertained.” The service was shut down last year, and its associated mobile software was relegated to a camera app shortly thereafter. Despite that fact and that new uploads are no longer allowed, Twitter kept the Vines all backed up and visible to users through a web browser – presumably for the sake of posterity. While the company hasn’t come out to describe what the specific circumstances were that allowed third-parties to view users’ data, the statement released about the problem did claim the bug has been fixed now. So for anybody who hasn’t received an email about it yet, your details are most likely safe. That said, it’s probably a good idea to avoid suspicious messages from unknown senders all the same.