Those who, for reasons that vary among users, choose to set their Twitter accounts as protected, keeping unwanted and prying eyes out, were potentially vulnerable from November 2013 up until yesterday, Twitter has reported on its blog.
The problem involved SMS and unapproved followers who could, under so-called "rare circumstances", gain access to tweets from the protected account they weren't authorized to follow. The tweets would be delivered via SMS or push notifications, Twitter revealed.
The bug is said to have affected 93,788 protected accounts since this past November. Along with a revelation of the bug came the announcement that it has been fixed, and that under the fix the unapproved follows have been stripped away from the protected accounts.
Twitter says it has "taken steps" to make sure this particular bug and ones of its nature don't happen again in the future, saying that it "should not have happened". The affected users have received emails from Twitter advising them of the bug and fix, as well as the service's "whole-heart apologies".
SOURCE: Twitter Blog