Twitter Developers have emailed warnings of a bug that may have exposed their app private keys and account tokens.
In the email it received from theinformationsuperhighway, the social media giant announced that the private keys and tokens may have been inadvertently not properly cached in the browser.
"If you were using a public or shared computer to view your developer app keys and tokens on developer.twitter.com prior to the fix, they may have been temporarily cached in the browser on that computer," the E -Mail. "If someone who's been using the same computer after you during this temporary period knows how to access a browser's cache and what to look for, they may have accessed the keys and tokens you saw."
The email indicated that in some cases the developer's access token for his own Twitter account was also disclosed.
These private keys and tokens, like passwords, are considered secret because they can be used to interact with Twitter on behalf of the developer. Access tokens are also very sensitive because, if stolen, they can allow an attacker access to a user's account without requiring their password.
Twitter said it had not yet seen evidence that these keys were compromised, but cautioned developers to exercise caution. The email states that users who may have been using a shared computer should regenerate their app keys and tokens.
It is not immediately known how many developers were affected by the bug or when exactly the bug was fixed. A Twitter spokesperson wouldn't give a number.
In June, Twitter announced that business customers, such as those who advertise on the site, may also not have their private information properly cached in their browser.