In 2009, two high-profile Twitter users - one being President Barack Obama - lost control of their accounts. This prompted the U.S. Federal Trade Commission to commence legal action against Twitter. The action has now been officially closed after a settlement was reached.
Hackers twice broke into the Twitter administrative consoles by figuring out the passwords of Twitter staff in early 2009. Following this, the FTC said that Twitter was guilty of "serious lapses in the company's data security." After breaking in, the hackers read private messages and sent out fake Twitter messages using a number of high-profile Twitter accounts.
The FTC felt that Twitter had misled consumers by saying that it was taking suitable security measures to protect their privacy.
Part of the settlement means that Twitter now faces fines if it misleads consumers about its security and privacy protections and that it must set up a "comprehensive information security program, which will be assessed by an independent auditor every other year for 10 years."
Last June, Twitter wrote a blog post saying that they had already implemented many of the practices suggested by the FTC.
Twitter security has definitely improved since the 2009 attacks, but there are still some weaknesses. Ashton Kutcher had his account briefly taken over last week after apparently exposing his log-in details over an unsecured wireless network at a conference. If Twitter were to force users to connect over a secure Web connection, this method of attack could be eliminated.