Twitter sent out an email to developers that API keys and tokens possibly leaked

Written about 1 month ago by IanDorfman

Twitter emailed app developers that utilize its application programming interface about a potential browser cache-based data leak.

The email sent out to developers using Small Twitter iconTwitter's API stated that web browsers on their computers that visited developer.twitter.com may have had their developer app keys and tokens stored in their cache temporarily. This can be an issue if the developer used a shared or public computer. If a person that also used the computer knew which time frame you used it for accessing your app keys and tokens and knew how to access the files cached by the browser, they could easily obtain said keys and tokens.

Twitter has now made it so that data is no longer cached, but if at any point you used a machine that you don't have direct managerial or administrative control over to access this information, Twitter recommends to regenerate your API keys and access tokens by going to the app on developer.twitter.com, choosing details, and then 'Keys and tokens.'

Further coverage:
BleepingComputer