It seems someone has found another security hole in Twitter, as at least two acquaintances are complaining of direct messages being sent from their accounts but not by them. The messages trigger an SMS message and an email notification, but are not logged in either the sender or recipient's direct message archive on Twitter.com. I'm guessing someone's done a simply query-string hack of the form handler, or possibly using SMS to route around Twitter's authentication schemes. Either way, seems like every day is becoming Twitter as someone else day.

Contact information for this author is not available.