Vine – the short and looping videos app – has already been shut down, but that doesn’t mean the information users provided to the company is secure. On May 19, Twitter sent out a mass email to Vine users alerting them of an error that allowed third parties to view email addresses and phone numbers associated with Vine accounts.
In the company’s official statement, Twitter wrote that the bug was immediately fixed, but it affected the Vine Archive for less than 24 hours. The bug had the potential to expose the email address or phone number associated with a Vine account to third parties under certain circumstances. Vine published a Medium post on the issue.
The bug affected the “time capsule”, which is effectively the Vine Archive of all Vines that were uploaded with the service. The archive is view-able from web, although no new uploads are supported.
Twitter urged users who received the email to remain alert for suspicious emails or text messages. The full email follows below.
Dear Vine account holder,
We are writing to let you know that we were alerted to — and immediately fixed — a bug that affected the Vine Archive for less than 24 hours. This bug had the potential to expose the email address and phone number associated with a Vine account to third parties under certain circumstances.
In our investigation, we discovered that the email address and phone number linked to your account were exposed. We want to emphasize that this information can’t directly be used to access your account, and we have no information indicating that it has been misused. We take these incidents very seriously, and we’re sorry this occurred.
As a security best practice, we recommend that you be cautious if you receive emails or text messages from unknown senders. Please keep in mind that Vine will only send you communications from @twitter.com, and we will never send emails with attachments or request your password by email.
For more tips on how to avoid fake emails and stay safe online, read the Twitter Help Center and the FTC’s guide on phishing.
– Vine Support