Twitter announced on Monday that it 'inadvertently" collected and shared iOS location data due to a software bug.
In a blog post, the company admitted: "We have discovered that we were inadvertently collecting and sharing iOS location data with one of our trusted partners in certain circumstances," adding "Specifically, if you used more than one account on Twitter for iOS and opted into using the precise location feature in one account, we may have accidentally collected location data when you were using any other account(s) on that same device for which you had not turned on the precise location feature."
Separately, we had intended to remove location data from the fields sent to a trusted partner during an advertising process known as real-time bidding. This removal of location did not happen as planned. However, we had implemented technical measures to “fuzz” the data shared so that it was no more precise than zip code or city (5km squared). This location data could not be used to determine an address or to map your precise movements. The partner did not receive data such as your Twitter handle or other unique account IDs that could have compromised your identity on Twitter. This means that for people using Twitter for iOS who we inadvertently collected location information from, we may also have shared that information with a trusted advertising partner. -Twitter
Twitter says that the location data was not retained by the trusted partner, and that it only existed in their systems for a short period of time before it was deleted as part of their normal process.
The company reports that it has fixed the problem and will work to ensure that it doesn't happen again.
Those who have been affected by the bug have been notified to let them know what happened, and the company is "very sorry this happened."