Does Twitter have a credibility problem?
There's always a trade-off between convenience and safety.Mark Risher
For many, a single fake tweet from the Associated Press account that briefly roiled financial markets on Tuesday, driving the Dow Jones industrial average down about 145 points, vividly reaffirmed the fearsome, near-instantaneous power of the 140-character message.
But the security lapse also revived doubts about Twitter's place in the media landscape - and its ultimate value - at a moment when its status as one of today's essential information networks had seemed all but cemented.
Just a week after social media networks took criticism for helping circulate misinformation about the alleged perpetrators of the Boston Marathon bombing, Twitter's security shortcomings fell under a harsh spotlight after a hacker group commandeered the AP Twitter account and falsely reported that explosions in the White House had injured President Barack Obama.
The AP was only the latest hacking victim in recent days after Twitter accounts belonging to National Public Radio, CBS 60 Minutes and others were breached. Last year, Reuters News was the victim of hackers who briefly took over one of its Twitter accounts and posted false tweets.
The latest hack was by far the most significant: the single AP tweet stunned investors and effectively wiped out $US136.5 billion of the S&P 500 index's value in a matter of minutes.
Although the news agency later disclosed that one of its employees may have inadvertently given away company passwords as the result of a "phishing" attack by the hackers, security experts quickly faulted Twitter for its long-standing failure to implement two-factor authentication, a double-layered password feature used by the likes of Google and Microsoft that might have prevented the spate of high-profile Twitter hijackings.
"It's one of those cases that we are seeing too often. It's getting unnerving," said Robert Quigley, a journalism lecturer specialising in social media at the University of Texas. "What media organisations need to do is pressure Twitter to have a more secure website."
Although Twitter has repeatedly declined to address its product roadmap, the company has signalled that it will soon unveil two-factor authentication, including a public job posting in February that suggested the company was hiring to tackle the problem.
Mark Risher, the founder of a security consultancy that counts social media companies Pinterest and Tumblr among its clients, said introducing more measures like two-factor authentication would make Twitter more cumbersome to use and potentially slow its user growth - a critical concern for a company that relies on advertising revenues. But he warned that a prolonged rash of high-profile hacks, and an eroding sense of user trust, would hurt Twitter more.
"There's always a trade-off between convenience and safety," Risher said. "But a security issue damages Twitter's brand."
Sign up for CIO Asia eNewsletters.