September 21st, 2009
Are Twitter direct messages safe?
A twitter colleague sent me a direct message that apparently ended up in another user’s mailbox. This error suggests that private information sent on Twitter could be exposed to non-intended recipients.
Here is a screen capture of the private message, annotated according to the following legend:
- Recipient: Susan Scrupski
- Sender: @zolierdos
- Intended recipient: @mkrigsman
- Message text, which I blurred to maintain confidentiality
The sequence unfolded this way: Twitter user @zolierdos sent a private direct message to me. That message ended up in the Twitter account of mutual friend Susan Scrupski. Susan then told Zoli and me that Twitter sent her the private message.
Zoli sent the message using a Twitter client, so perhaps the problem lies there. However, whether due to a Twitter snafu or a third-party bug, this issue raises serious questions about the confidentiality of private information sent through Twitter.
Until this issue is resolved and you can be sure private messages remain confidential, I suggest you adjust your direct message habits accordingly.
Have you experienced similar errors? Let us know.
Update 9/21/09, 11:15PM EDT: Twitter support contacted both Zoli and me to investigate. The company is taking the problem seriously.
Update 9/22/09, 8:00PM EDT: Twitter support says the problem was operator error and not a bug. While there is no way to prove this assertion, I’ve heard anecdotal evidence about direct messages ending up in the wrong hands. My advice: be careful sending sensitive information through Twitter.
Michael Krigsman is CEO of Asuret, Inc., a software and consulting company dedicated to reducing software implementation failures. Click here to discuss this post with him on Twitter. See his full profile and disclosure of his industry affiliations.
Subscribe to IT Project Failures via Email alerts or RSS.
