Vine as we once knew it has already been shut down, but unfortunately that doesn’t mean the information you provided to the Twitter-owned company is secure. Twitter just sent out a mass email to Vine users alerting them of a “bug” that briefly allowed third parties to view email addresses and phone numbers associated with Vine accounts. If you get the email, your information was likely exposed — though that doesn’t necessarily mean it’s being misused by anyone. The company makes no mention of any passwords having been exposed during the window that it claims lasted “less than 24 hours.” Vine has also published a Medium post on the issue.
The bug affected the Vine Archive, which the company describes as a “time capsule” (perhaps graveyard?) of all Vines that were uploaded with the service. The Vine Archive remains viewable from web browsers, although no new uploads are supported; Vine’s smartphone app was repurposed into a camera app and can no longer browse the defunct social network.
Twitter is urging users who receive the email to remain alert for suspicious emails or text messages. The full email follows below.
Dear Vine account holder,
We are writing to let you know that we were alerted to — and immediately fixed — a bug that affected the Vine Archive for less than 24 hours. This bug had the potential to expose the email address and phone number associated with a Vine account to third parties under certain circumstances.
In our investigation, we discovered that the email address and phone number linked to your account were exposed. We want to emphasize that this information can’t directly be used to access your account, and we have no information indicating that it has been misused. We take these incidents very seriously, and we’re sorry this occurred.
As a security best practice, we recommend that you be cautious if you receive emails or text messages from unknown senders. Please keep in mind that Vine will only send you communications from @twitter.com, and we will never send emails with attachments or request your password by email.
For more tips on how to avoid fake emails and stay safe online, read the Twitter Help Center and the FTC’s guide on phishing.
– Vine Support