Twitter says a 'security incident' led to private Circle tweets becoming public

The company claims it "immediately fixed" the issue.

Carlos Barria / reuters

Back in April, users found a bug with Twitter’s Circle feature that saw the platform expose private tweets to strangers. Now, nearly a month later, the company has finally commented on the issue. In an email seen by The Guardian, Twitter told affected users the exposure was the result of “a security incident that occured earlier this year.”

The company claims the issue was “immediately fixed.” It also shared an apology. “Twitter is committed to protecting the privacy of the people who use our service, and we understand the risks that an incident like this can introduce and we deeply regret this happened,” the company said. When news of the exposure first started circulating online, some, including creator Theo Brown, speculated the issue was the result of Twitter failing to filter Circle tweets out of its recommendation algorithm. Twitter has not operated a communications department since Elon Musk's first round of layoffs, and the company did not initially acknowledge the issue.

More broadly, Twitter has dealt with a growing number of technical issues since Musk’s takeover of the company in October. The billionaire has reduced the company’s workforce by at least 60 percent, gutting many of its technical teams of senior leadership. Over that time, Twitter has suffered multiple outages and otherwise created confusion over feature rollouts and removals.