FTC Direct Messages Twitter About Security Breaches - The UpStream

FTC Direct Messages Twitter About Security Breaches

posted Sunday Jun 27, 2010 by Jon Wurm

FTC Direct Messages Twitter About Security Breaches

I have posed the question before about what Twitter will do with their virtually endless supply of investor capital and while we still don't have a clear answer we now know that it wasn't spent on keeping your information safe. According to the FTC Twitter has had "serious lapses in the company's data security." What exactly does that mean? It means that during January through May 2009 hackers were easily able to get into Twitter admin accounts by using simple password guessing programs. They then reset the password to the accounts so others could have access. In an unrelated instance, another hacker was able to break into a Twitter employees Gmail account in which they had users passwords stored in plain text... IN PLAIN TEXT!

The FTC has given Twitter a written warning about using simple passwords and also for storing them IN PLAIN TEXT. The company will have their security tested every 3 years by an independent company. They will also be fined $16,000 per every instance of a security breach. The icing on the cake however, is that Twitter is also not allowed to lie about their privacy and security settings for the next 20 years. The only reason I can think of as to why 20 years is the requirement is that the FTC doesn't expect them to be around that long.


Login to CommentWhat You're Saying

Be the first to comment!

We're live now - Join us!



Forgot password? Recover here.
Not a member? Register now.
Blog Meets Brand Stats