Facebook and Twitter admitted on Monday that scores of personal data from hundreds of users have potentially been improperly accessed after they logged in to Android apps downloaded from Google Play.
A spokesperson for Facebook released a statement about the disclosure saying that they were "notified of two bad actors" by security researchers.
"One Audience and Mobiburn, who were paying developers to use malicious software developer kits (SDKs) in a number of apps available in popular app stores."
"After investigating, we removed the apps from our platform for violating our platform policies and issued cease and desist letters against One Audience and Mobiburn", he added.
He explained that Facebook plans "to notify people whose information we believe was likely shared after they had granted these apps permission to access their profile information like name, email and gender".
He then urged people to act with caution when choosing "which third-party apps are granted access to their social media accounts".
Security researchers reportedly told the companies that a software development kit called One Audience offered third-party developers personal data access without permission, including email addresses, usernames, and tweets posted from Twitter accounts to access apps such as Giant Square and Photofy. Although no evidence has so far been produced, it was also acknowledged that it became possible for a twitter account to be taken over through the use of the software.
“We think it’s important for people to be aware that this exists out there and that they review the apps that they use to connect to their accounts”, said Lindsay McCallum, a Twitter spokeswoman.
Twitter declared that it will inform users who were affected and that it has informed Google and Apple in order to take preemptive measurers to prevent any similar mistakes in the future.
The news comes as all three social media giants — Facebook, Google and Twitter — come under increased scrutiny from officials, regulators, and lawmakers to protect users being targetted by companies.
The problem has become a paramount concern for governments after accusations began to circulate that analytics firm Cambridge Analytica gained access to 87 million+ profiles on Facebook for political targeting, including pro-Donald Trump campaign ads in the 2016 US presidential election.
Facebook has since suspended thousands of apps in a purge of its online ecosystem.