Twitter was slapped on the wrist this week by the FTC for their lax security that allowed private user data, direct messages and other non-public information be access by hackers last year. From theinquirer.net
The micro-blogging service, known primarily for its useless messages and patchy service, was hacked numerous times last year. The FTC is blaming Twitter for allowing hackers to be “able to view nonpublic user information, gain access to direct messages and protected tweets, and reset any user’s password” between January and March, 2009.
Twitter acknowledged that 45 accounts had been accessed, but bleated that it was only for “short periods of time”.
According to the FTC, the compromised accounts were due to Twitter’s failure to take “reasonable steps”, meaning that its users weren’t to blame.
David Vladeck, director of the FTC’s Bureau of Consumer Protection went further, saying that “when a company promises consumers that their personal information is secure, it must live up to that promise.” Well, yes.
So it is perhaps more than a little disappointing that all Twitter had to do was agree that for the next 20 years it will refrain from “misleading consumers about the extent to which it maintains and protects the security, privacy, and confidentiality of nonpublic consumer information.”
Or, in other words, it merely had to say sorry and promise not to do it again, at least not for a very long time.
Twitter also said that it had already implemented many of the changes suggested by the FTC.
A final decision on the agreement will be made by the FTC on 26 July.
While I don’t have any information on my twitter account that I wouldn’t want anyone else to see, at the same time it’s concerning that things like this could happen.
Twitter growing pains?