Twitter provided more information about the bug on its developer blog, explaining that this data may allow the wrong developer's webhose URL (the mechanism to use to retrieve some of the twitter application data).
For this, more than two or more registered developers had to share the API subscription associated with the same public IP, the URL paths were exactly matching in those IPs, and the information sent to the developers was generated from the same server in Twitter's datacenter Was there.
Since all those situations should be true for bugs (at the same time), it seems that this malicious developer was exploited. Twitter says that no evidence of such behavior has been received so far, but the company is still investigating.
