Representatives of the social network explain that the incident is unlikely to be a problem for those developers who use personal browsers. However, people who have used public or other people's computers to access developer.twitter.com should be aware that their API keys (and not only) were most likely stored in the cache of those browsers.
“If someone who has used the same computer since knew how to access the browser cache and knew what to look for, perhaps they could have accessed the keys and tokens you were viewing. Depending on which pages you visited and what information you viewed, the (leak) could include your application's API keys, as well as user access tokens and your own Twitter account secret, ”the company's engineers write.
Currently, the bug has already been fixed, and so far the company has not found any evidence that hackers managed to exploit the problem.