For more than four years, private tweets may have become public due to a flaw.
The security issue meant that private tweets sent on Twitter for Android between November 3, 2014 and January 14, 2019 could have been public without the user's knowledge.
The social media giant said the problem was caused by users who changed their email addresses by inadvertently turning off the "Protect Your Tweets" option.
CONSULT MORE INFORMATION: The afterlife of your social media account
CONSULT MORE INFORMATION: Twitter suspended 58 million accounts at the end of 2017
Twitter admitted that it found the problem on January 14, but only users reported on Friday.
"We became aware of a Twitter Twitter problem that disabled the Protect your Tweets setting if certain account changes were made," the statement said.
"We've informed people we know of as affected by this issue and have re-enabled Protect your Tweets to disable it."
Twitter apologized for the problem, but encouraged users to check their privacy settings.
"We recognize and value the trust you place in us and we are committed to gaining that trust every day," he said.
"We are very sorry this has happened and we are conducting a thorough review to help prevent this from happening again."
CONSULT MORE INFORMATION: Would you trade your child's privacy for some tastes?
CONSULT MORE INFORMATION: Why Facebook scandal affects you more than you think
People using iOS and web browsers for Twitter were not affected by this problem.
Contact the author at [email protected]