Skip to main content

Twitter Settles with FTC Over Privacy

Micro-blogging service Twitter has settled charges brought against it by the Federal Trade Commission that it violated its users privacy and effectively engaged in customer deception due to a security lapses that enabled attackers to access accounts, send phony tweets, and get “administrative control” of Twitter.

The charges stem from incidents in the first half of 2009 in which attackers where able to gain access to Twitter’s internal operations using a dictionary-based password-guessing tool…and it found a very weak administrative password. The administrative password gave attackers access to private user information, including direct messages and private tweets sent between users. They were also able to reset any Twitter user’s password and sent forged tweets that appeared to be from any arbitrary account. The attackers forged tweets from many users, including President Barak Obama (he was president-elect, at the time: the fraudulent tweet promised free gasoline) as well as Fox News.

“When a company promises consumers that their personal information is secure, it must live up to that promise,” said FTC Consumer Protection Bureau director David Vladeck, in a statement. “Likewise, a company that allows consumers to designate their information as private must use reasonable security to uphold such designations.”

Twitter says the incidents “impacted a small number of users,” and the security holes were quickly closed, with Twitter notifying impacted account holders and posting blog items about the incidents.

Twitter is not paying any penalties under the settlement. However, the service will be required to have employees use strong administrative passwords, prohibit employees from storing passwords as plain text, suspend administrative passwords after a “reasonable” number of unsuccessful login attempts, and place a series of other restrictions on access to administrative accounts and employees who have access to them. Twitter is also barred from misleading consumers about security and privacy issues for 20 years—if they’re found to violate that, each violation could cost the company $16,000.

Editors' Recommendations

Topics
Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
Twitter begins rollout of new gray check marks only to abruptly remove them
Elon Musk.

In the middle of writing an article about Twitter's initial rollout of a new gray check mark verification badge, we noticed something odd: Twitter accounts that had the new gray check marks only minutes earlier were suddenly without them again. So what happened?

Elon Musk apparently happened. Mere hours after his newly purchased social media platform began its rollout of a new gray check mark in an effort to help clarify which high-profile accounts were actually verified, the new gray check marks began disappearing from various accounts, evidently at Musk's behest. Just take a look at this tweet conversation between web video producer Marques Brownlee and Musk:

Read more
Some blue check Twitter users were unable to edit their names
Twitter app on the OnePlus 10T.

Twitter's recent blue check verification drama took an even sillier turn yesterday. Amid all the recent commotion regarding Twitter Blue subscriptions, paying for blue checks, and impersonation versus parody, some Twitter users temporarily lost their ability to edit their screen names.

On Monday evening, some verified Twitter users began reporting that they couldn't change their screen names. It's unclear to us at this time if the issue these users were experiencing was a bug or a new feature of a platform that was recently purchased by Tesla CEO Elon Musk.

Read more
Mastodon surpasses 1 million monthly active users as Twitter backlash worsens
Series of four mobile screenshots showing Mastodon's sign-up process.

Mastodon, an alternative to Twitter that's been getting a lot of attention lately, just surpassed 1 million monthly active users this week, all while Twitter struggles to deal with the  backlash caused by recently announced changes to its platform.

On Monday, Eugen Rochko, founder and CEO of Mastodon, announced via a Mastodon post that the social media platform now has "1,028,362 monthly active users across the network today." This news comes after a particularly tumultuous week (and weekend) for Twitter after Elon Musk took over the popular microblogging platform just last month.

Read more