Twitter says it recently fixed a vulnerability within Android that may have allowed bad actors to see private account information or to control accounts. Before the fix was implemented, hackers may have been able to insert malicious code into restricted storage areas of the app to access information such as direct messages, protected tweets and location information, Twitter said in a blog post.
"We don't have evidence that malicious code was inserted into the app or that this vulnerability was exploited, but we can't be completely sure so we are taking extra caution," the company wrote.
Twitter is directly notifying people who may have been exposed to the vulnerability via the Twitter app or email with instructions on staying safe. If users aren't sure what to do, the company recommends they update to the latest version of Twitter for Android. Twitter for iOS wasn't impacted.