Skip to Content
© Michaeljayberlin |
Security & privacy

Apps can steal your info if you use this common login method

Personal data is big business, and apps across the web are dying to get yours by whatever means necessary. We’ve already seen how dedicated social media platforms are to providing data to third parties. Click or tap to see what Facebook does with your data.

Some of the most overt data harvesting has been condemned or shut down in recent years. Facebook came under fire for allowing Cambridge Analytica to access data for political purposes. Using a third party app, it deceived users into giving consent to access their data.

And now, history looks to be repeating itself — but this time, it’s not just Facebook. Twitter and Facebook are warning users their data may have been harvested if they logged into third-party apps with their profiles. If you’ve ever connected your Twitter or Facebook account to another app, here’s what you need to know.

Logging your log-ins

According to new reports from Engadget, as well as alerts from Twitter and Facebook, users across both platforms are being informed a malicious third-party application may have accessed their data without their knowledge.

The Twitter notice announced a software development kit called oneAudience is responsible for the data leak. This SDK is bundled with a variety of third party apps that allow users to connect their social media accounts for sharing, among other features.

What users didn’t know was the fact that this SDK would take personal data like usernames, email addresses and recent tweets to send back to its developers.

RELATED: Your online security is at risk without this tool

So far, the issue only seems to have affected users on Twitter and Facebook, where app integration is a major part of the platforms. Facebook believes 10 million users may have had their data compromised. Both companies urge users to delete any third-party apps with unknown developers as a precaution.

Am I affected? What can I do to protect myself?

Twitter explicitly stated in its announcement that there isn’t anything users can do at the moment. Other than deleting malicious or sketchy apps, there isn’t much else to be done — once the data is gone, it’s gone.

That said, the data gleaned by oneAudience isn’t so specific it can cause you much harm. Usernames, email addresses and tweets can paint a demographic picture for marketers to use, so you might see an uptick in spam emails filling your inbox.

And as we’ve said in previous articles, it’s never wise to open or engage with spam. That’s where the real malicious apps like to hang out. Click or tap here to see how to deal with email spam.

Ask me your digital question!

Navigating the digital world can be intimidating and sometimes downright daunting. Let me help! Reach out today to ask your digital question. You might even be on my show!

Ask Me