That tweet spread like wildfire, notifying the world of a coding error that opened a security hole with the potential of revealing users' passwords, server IP addresses, API keys and personal information.
Fortunately, Tumblr reacted, fixing the problem and then issuing this official message about 5 to 6 hours after the flaw was discovered:
"A human error caused some sensitive server configuration information to be exposed this morning. Our technicians took immediate measures to protect from any issues that may come as a result.
We’re triple checking everything and bringing in outside auditors to confirm, but we have no reason to believe that anything was compromised. We’re certain that none of your personal information (passwords, etc.) was exposed, and your blog is backed up and safe as always. This was an embarrassing error, but something we were prepared for.
The fact that this occurred at all is still unacceptable, and we’ll be seriously evaluating and adjusting our processes to ensure an error like this can never happen again.
Please let us know if you have absolutely any questions."
What caused the error? That's still under intense discussion at The Hacker News and elsewhere in the hacker community, but many think the culprit was a errant piece of PHP code. Obviously, spelling counts.