Twitter Inc. (TWTR) said its TweetDeck tool for organizing and tracking tweets has resumed operation after experiencing a security issue.
The service had earlier been taken down following a breach, the San Francisco-based microblogging company said in a post on its @TweetDeck Twitter account. An earlier tweet said the company had fixed the issue and Twitter later added that it had verified the security bug had been resolved.
Twitter didn’t describe the vulnerability and didn’t immediately respond to a request for further comment.
Numerous companies have been hit by technology security issues recently. Restaurant chain P.F. Chang’s China Bistro Inc. said yesterday it was investigating whether it was the target of a data breach. Hackers previously wreaked havoc with Target Corp. and Neiman Marcus Group Ltd., exposing the credit-card data of tens of millions of customers. In March, Sally Beauty Holdings Inc., a seller of hair and beauty products, said data from customers’ payment cards had been illegally accessed and may have been stolen.
TweetDeck, one of the biggest Twitter client programs, which lets people use the microblogging service via another program, was bought by Twitter in May 2011 for about $20 million.
The vulnerability in TweetDeck appeared to be a cross-site scripting bug, or XSS, a common computer programming error that lets hackers inject commands into Web pages and force them to do things they normally wouldn’t, according to security experts. In this case, the most obvious damage was mischief makers exploiting the security hole to post pop-up messages to users’ screens.
Cross-site scripting vulnerabilities can range from serious weaknesses that expose sensitive information to minor flaws that result in harmless annoyances to users. Hackers exposed a similar vulnerability on Twitter in 2010. In that instance, the bug was also used to show harmless pop-up messages on users’ screens.
To contact the editors responsible for this story: Pui-Wing Tam at firstname.lastname@example.org Reed Stevenson