How FTC punished Twitter Over 2009 Security Lapses

US Federal regulators have finally finalized a settlement with Twitter related to data security lapses in 2009 that gave hackers access to users' accounts.

According to the verdict, Twitter deceived its customers and put their privacy at risk by failing to keep their personal information safe as promised by the company's policies. Hence as a measure to prevent such lapses in future, the settlement bars Twitter from misleading consumers about its security and privacy practices for 20 years. The ruling also requires the micro blogging OR Social networking site OR Real time broadcasting platform OR a mix-Of-All ( whatever one wants to define Twitter as) must also establish a comprehensive information security program that will be audited every other year for the next 10 years.

No monetary damages were assessed.

A little bit about the 2009 Security Lapses:

According to the FTC complaint, the hackers were able to gain administrative control of Twitter twice between January and May 2009. And the weak employee passwords and other poor security practices on the part of staffers was responsible for the security lapses, which resulted in about 55 accounts accessed by the hackers. Many of whom belonged to influential people. --------

No comments