WARNING: Big Security Loophole In Twitter Can Expose Your DMs


Direct messages sent through Twitter can be easily exposed thanks to a loophole in Twitter’s API, Gary-Adam Shannon at Search Engine Watch reports.

When a user logs into a site using their Twitter username and password, the site can gain access to that user’s private messages, says Shannon. He breaks it down on a very technical level, but essentially it’s just a small hack.

Shannon recommends you don’t ever log in to a site (other than Twitter.com, obviously) using your Twitter username/password. Another writer at Search Engine Watch recommends users just erase their DMs.

We’ve reached out for comment from Twitter, but haven’t heard back. If the company has anything productive to say, we’ll update this.

In the meantime, be careful about using your Twitter login on untrusted sites.
