Twitter uncovers security flaw in its Tweetdeck tool

June 11, 2014, 5:46 PM UTC
Twitter Inc.'s TweetDeck Social-Media App
A logo for Twitter Inc.'s TweetDeck is seen on the company's website in this arranged photograph taken in London, U.K., on Tuesday, May 7, 2013. TweetDeck apps for Apple Inc. iPhones, Google Inc. Android devices, Mac computers and machines that run Microsoft Corp.'s Windows will be removed from app stores in May, San Francisco-based Twitter Inc. said in a blog post. Photographer: Simon Dawson/Bloomberg via Getty Images
Photograph by Simon Dawson — Bloomberg/Getty Images

Twitter (TWTR) tool Tweetdeck is temporarily out of service after a security issue stemming from an XSS vulnerability popped up Wednesday afternoon.

The tool, which allows users to track their accounts and engagement with their tweets, suffered from a security issue earlier today that allowed hackers to access users’ accounts and security information. Several news outlets were reporting that the issue in question only affected users on Tweetdeck’s Chrome app.

Tweetdeck said in a tweet at about 12:36 p.m. EDT that “a security issue” had been fixed and urged users to log out of the app before logging back in to implement the fix. About 28 minutes later, Tweetdeck posted a follow-up message indicating its services were down: “We’ve temporarily taken Tweetdeck services down to assess today’s earlier security issue. We’ll update when services are back up,” the tweet read.

The issue comes the same day that the Online Trust Alliance handed Twitter top honors in its Online Trust Audit and Honor Roll that rates websites based on such criteria as security and privacy, according to CNET.

Update: Tweetdeck said it’s up and running again in a 1:55 p.m. EDT tweet: “We’ve verified our security fix and have turned TweetDeck services back on for all users. Sorry for any inconvenience.”