Twitter Security Loophole Exposes Your Direct Messages

image-3351
Direct messages sent through Twitter can be easily exposed, thanks to a loophole in Twitter’s API, according to Gary-Adam Shannon at Search Engine Watch Reports. When a user logs into another site using their Twitter user name and password, the site can gain access to the private messages, says Shannon. He goes into technical detail, but essentially it’s just a small hack.

Shannon recommends you don’t ever log in to a site (other than Twitter.com, obviously) using your Twitter user name and password. Another writer at Search Engine Watch recommends that users erase their Direct Messages after viewing them.  There has been no comment from Twitter, but we hope they are looking into the issue now that the problem has been made public.

Read more…

John Sileo is the award-winning author of Stolen Lives, Privacy Means Profit and the Facebook Safety Survival Guide. His professional speaking clients include the Department of Defense, the FTC, FDIC, Pfizer, Prudential and hundreds of other organizations that care about their information privacy. Contact him directly on 800.258.8076.

 

Posted by Identity Theft Speaker in Identity Theft Prevention, Online Privacy and tagged , , , , , , , , , , , .

1 Responses to Twitter Security Loophole Exposes Your Direct Messages

  1. Hilton Kotts: October 6, 2010 at 4:49 pm

    great post! Very useful.

Leave a Reply