Bug caused the Protect your Tweets feature to become disabled for users of Twitter for Android that had it turned on and also made some modifications to their account, such as updating the associated email address. Users fitting this profile between November 3, 2014, and January 14, 2019 – the day the issue got fixed – may be impacted by the bug. iOS and Web clients are not impacted, Twitter says in a post on its Help Center. The exact number of accounts touched by the issue remains unestablished, and that’s why they published the announcement.
Source: https://www.bleepingcomputer.com/news/security/twitter-fixes-four-year-old-bug-in-android-app-exposing-private-tweets/