Twitter has reached a settlement with the Federal Trade Commission (FTC) over charges that it “deceived consumers and put their privacy at risk by failing to safeguard their personal information.” In the Matter of Twitter, Inc.,
The FTC had alleged that “serious lapses” in Twitter’s security last year "allowed hackers to obtain administrative control of Twitter, including access to tweets that consumers had designated private, and the ability to send out phony tweets pretending to be from then-President-elect Barack Obama and Fox News, among others." The two incidents mentioned involved hackers using password-guessing tools to gain access to administrative functions. Under the settlement, Twitter must maintain a comprehensive information security program, to be assessed by a third-party every other year for 10 years. It also will be prohibited from misleading consumers about the extent to which it maintains and protects the security, privacy and confidentiality of nonpublic consumer information.
Related links:
Twitter Settles Charges that it Failed to Protect Consumers' Personal Information; Company Will Establish Independently Audited Information Security Program
Twitter settles with US regulators over privacy breach - Yahoo! News
Twitter settles with FTC for privacy breach Forrester Blogs