Direct messages sent through Twitter can be easily exposed, thanks to a loophole in Twitter’s API, according to Gary-Adam Shannon at Search Engine Watch Reports. When a user logs into another site using their Twitter user name and password, the site can gain access to the private messages, says Shannon. He goes into technical detail, but essentially it’s just a small hack.
Shannon recommends you don’t ever log in to a site (other than Twitter.com, obviously) using your Twitter user name and password. Another writer at Search Engine Watch recommends that users erase their Direct Messages after viewing them. There has been no comment from Twitter, but we hope they are looking into the issue now that the problem has been made public.
Read more…
Posted in Identity Theft Prevention, Online Privacy by Identity Theft Speaker John Sileo.
Tags: Direct Messages, identity theft expert, John Sileo, Online/Social Media Privacy, Security, Social Media Privacy, social networking, twitter, Twitter Loophole, twitter privacy, Twitter Safety, Twitter Security