Like this one[1] from 2018?

> Twitter has told an undisclosed number of users their private messages may have been leaked to third-parties for more than a year.

> The software “bug”, which has since been fixed, involved direct messages between users and businesses that offer customer services via Twitter.

> "The issue has persisted since May 2017," Twitter said.

[1] https://www.bbc.com/news/technology-45609633

Strange lack of detail there. What was the actual point of exposure? I wonder if that was a latent security issue that wasn't actually exploited.

They did have problems like state actors getting spies hired and leaking data directly of course.

I would hazard that they weren’t in a position to know or be sure, given the whistleblower’s revelations, but also that they wouldn’t be publicising random bugs from their bug tracker without reason.