Twitter Had Data Privacy Issues Long Before Musk Arrived
The letter highlights other instances prior to Musk’s arrival in which Twitter has shown a clear disregard for the safety and privacy of its users.
Just last year, in May 2022, Twitter was ordered to pay a hefty $150 million fine for using phone numbers and other personal information handed over by users for two-factor authentication for targeted advertising between 2013 and 2019.
After that, in July, former head of security Peter Zatko filed a complaint to the FTC alleging that egregious security practices were commonplace at Twitter.
He alleged at the time that around half of the company’s servers were running on archaic, obsolete software, leaving Twitter’s entire system vulnerable to attacks, and that security executives were not painting an accurate picture of the breaches regularly occurring on the platform when communicating with top brass.
Zatko also said that almost a third of the company’s laptops were blocking crucial security updates, while droves of employees had access to highly sensitive source code.
Some of the most damning accusations leveled at Twitter last year – and discussed extensively by security researchers on the platform – included the intentional installation of spyware by Twitter employees, as well as the fact that 5,000 employees had privileged access to the platform’s production systems.
Of course, there are also millions of Twitter users who have had their information leaked online since 2021, after a severe API bug meant that any individual submitting email addresses or phone numbers to Twitter’s systems would be told what accounts the email addresses or phone numbers pertained to.
Is Twitter Worth the Risk?
Right now, Twitter is still a central hub for heads of state, governments, companies, and individuals to engage in public discourse. Twitter alternatives exist but until the world’s most influential personalities jump ship, it will remain foundational to the global conversation, which is worrying considering the platform’s safety track record.
Historical security issues, coupled with the recent exodus of trust and safety-focused personnel – as well as the gutting of the site’s content moderation team – leaves few reasons to be optimistic.
If you have a Twitter account, it’s important you stay up to date with privacy and security stories relating to the platform, and ensure you’re using a password manager to bolster your first line of defense against hackers – especially if you’ve had two-factor authentication removed from your account.