Vine may be dead, but it’s still managing to cause headaches for some former users, with warnings that some registered email addresses were inadvertently exposed. Twitter, Vine’s owner, announced it was pulling the plug on the six-second video clip social network back in October 2016, though it still maintains an online archive of all the publicly shared footage. It’s that Vine Archive that is causing headaches now.
The archive was formed as a way to preserve the popular videos even after the Vine service itself shut down. New content can’t be added, but existing clips can still be played and shared. The creators of those clips can sign in and download their archive if they so wish.
In an email to Vine account holders, Twitter confirmed that there has been an accidental breach. Rather than Vine being the victim of a hack, the Vine team blames “a bug” for the problem. Whatever the cause, it “had the potential to expose the email addresses associated with Vine account to third parties under certain circumstances,” the message admitted.
An investigation turned up the identities of the accounts which have had exposed information, though the company is at pains to point out that accounts themselves weren’t compromised. “We want to emphasize that this information can’t be directly used to access your account,” the Vine support team writes, “and we have no information indicating that it has been misused.” Nonetheless, it’s a potential issue that former Vine users should bear in mind.
That’s because phishing attacks are a common gateway into installing malware or even hijacking a user’s computer. Emails that look as though they come from a service officially can be used to lure the unsuspecting into clicking links: that can lead to downloads of spying software, or encourage people to share usernames and passwords with third-parties.
Vine’s advice is to “be cautious if you receive emails from unknown senders” and points out that nobody at Twitter will ever ask for a password via email. It’s unclear at this stage how many people have been affected by the email exposure. In a blog post, Vine says it has notified all of the users who may have been impacted, and that if you did not receive a warning at this point then your account is in the clear.