The FTC said that Twitter was guilty of "serious lapses in the company's data security," after hackers twice broke into Twitter administrative consoles by figuring out the passwords of Twitter staffers in early 2009. They then used that access to read private messages and send out fake Twitter messages using a number of high-profile Twitter accounts, including Obama's and those of Britney Spears and Fox News.

Twitter misled consumers by saying that it was taking appropriate security measures to protect their privacy, the FTC said.

In June 2010, , and that was The FTC's five commissioners voted unanimously to accept the settlement.

Twitter now faces fines if it misleads consumers about its security and privacy protections, and it must set up a "comprehensive information security program, which will be assessed by an independent auditor every other year for 10 years," the FTC said.

In a , Twitter said that it had already implemented many of the security practices suggested by the FTC.