The social networking company has said the bug related to direct messages between users and businesses. Less than 1 percent of Twitter's more than 330 million monthly active users are believed to have been affected.
Twitter announced Friday that some users' private messages and protected tweets may have been leaked to third-party developers as a result of a software bug that ran for more than a year.
The bug caused certain private interactions between users and businesses offering services via Twitter to be sent in error.
The issue, which was fixed within hours of its discovery on September 10, ran from May 2017, Twitter posted on its website.
"Any party that may have received unintended information was a developer registered through our developer program, which we have significantly expanded in recent months to prevent abuse and misuse of data," Twitter said in a statement.
The company added that the bug affected less than 1 percent of its users. For the second quarter of this year, Twitter logged 335 million average monthly active users.
The San Francisco-based company said it will notify those affected directly through an in-app notice or via its website.
Twitter added that it has contacted developers to ensure they delete the information received as a result of the bug.
"It is important to note that based on our initial analysis, a complex series of technical circumstances had to occur at the same time for this bug to have resulted in account information definitively being shared with the wrong source," Twitter said.