In this lengthy post we will describe how Startup Trek has exhausted all options in attempting to reach technical support and/or management at Twitter, leading to the current point where we have begun to work with a law firm to become the claimant in a class action suit against the social networking firm.
Background
As we described in a previous post, our brand name “StartupTrek” (Twitter.com/StartupTrek) was hijacked back on July 20th. We have exhausted all means of attempting to reach Twitter for help, but they have steadfastly refused to respond to help us out in recovering our account. We even attempted to enlist the help of their venture capital backers at IVP, but after an initial friendly offer to assist, that was rescinded.
Our current complaint about Twitter is not motivated by any personal animosity towards them. Quite the contrary; in fact we were early adopters (Tweeting since March 2008) and have told many friends (actually, anyone that will listen) over the past six months, that “Twitter is likely the most important tech startup company since Google arrived a little over ten years ago, and potentially since Microsoft arrived in 1982″. So we are definitely fans of what Twitter is doing; a leading adopter; Twitter advocates. Perhaps unfortunately, we’ve come to depend upon Twitter’s service in building out Startup Trek.
What Happened
Our Twitter account was created early in March of 2008. During the first year we Tweeted lightly; not fully appreciate the power of this new form of one-to-many, full-duplex human communication until around Jan 2009. For the past four months we’ve invested a lot of our team’s business time and energy into “branding” StartupTrek on Twitter, and made a total of 442 carefully written “Tweets” about the startups we interview and analyze. It had become the source of a good percentage of our traffic as our new blog approaches launch.
At the peak of our efforts, on June 20 2009 we had 710 followers interested in our Tweets, often “clicking through” to articles on the StartupTrek blog. In order to learn how to create a more “viral” follower base we began to investigate 3rd-party marketing services which specialize in Twitter.
On July 21st 2009, control of Startup Trek’s Twitter account (homepage located online at http://Twitter.com/StartupTrek) was “hijacked” away from us by a malicious 3rd-party service. We believe that over the past 3-4 weeks, it is very likely that this has happened to thousands, probably tens of thousands of other business users of Twitter. Just like in the website version of a hijacking, the malicious “owner” of these accounts stands to accrue financial gain by gaining control of the account; and the real owner is the victim.
The Financial Impact and Scale of a Twitter Account Hijacking
The financial, material, web traffic (ad revenue), and goodwill damages which occur to a serious “Tweeter” when they are hijacked, are the online equivalent of identity theft. Great damage ensues. In our case, our hard-earned follower base collapsed from the 700’s to today’s 575; representing two or three months of hard work. The damage to our brand name, reputation, and the loss of advertising revenues on my website are substantial.
Twitter’s response has been: sorry, your problem.
Why would Twitter fail to work with their users to fix this?
Twitter is very likely aware of this major flaw in how their website works, and probably has a major revamp of their access method in design; but it must be a low priority. In the meantime, they seem to be pursuing a strategy of “hear no evil, see no evil”. In other words, they just write off (ignore) effected users like StartupTrek. It is a practical solution, allowing them to focus on the bigger issues they are contending with, and slow-rolling a fix versus treating it like the crisis that it is. They probably fix it for only users with more than a certain number of followers, and write off the rest of the accounts. Brutal, but efficient for them.
Given that Twitter has a multi-Billion dollar valuation and recently took on an additional $35M round in a VC “deal stuffing feeding frenzy”, you would think they would have the resources to fix this problem. In fact, we know of a simple fix: add a second password to each account, for use with 3rd-party applications. Should take them about two engineer days to code it, two more to beta test it and maybe one to roll it out. So I can only attribute the continued existence of this problem to some larger motivation; perhaps they just don’t want to admit there is a problem; or they are busy with other matters.
Twitter support doesn’t exist, for this problem – in fact, it hides!
For the past 28 days, we have invested a great deal of time in trying to reach someone at Twitter to get this problem resolved, with absolutely no success. Twitter does not respond to technical support requests on this issue, from what we have experienced; and I’ve come to realize they have probably figured out they are at risk for legal exposure (liability) on this. They appear to only issue (repeatedly) a set of recommendations for resetting your password, which don’t work – for reasons I’ll detail later.
After your Twitter account is stolen and you contact them for support, they send their password reset email to “the email address which you originally registered with”. But it appears that malicious Twitter account hackers have figured out how to change THAT particular address to another address, because we do not receive Twitter.com’s password reset emails. So my account remains in the control of some other user.
Whenever we send a technical support request to Twitter (from another account), we get their automated response suggesting things to try, principally the password reset email. They also ask a series of questions to establish my identity as authentic. The email states that failing the automated password reset, someone from Twitter will contact us; but they never do. In fact, Twitter appears to be “hiding from” the presumably very large base of users who have this particular problem, who it appears they do not have a solution for. Twitter has failed to provide a mechanism to resolve this problem, and also they fail to provide technical support.
Since Twitter appears not to provide technical support, I located the top (highest traffic level) 3rd-party Twitter support service, and attempted to find an answer there. I never received a response, and I discovered that many other hijacked users are also getting no help there.
Trying every imaginable remedy
I decided to contact Twitter the old fashioned way, by locating their (hard to find) telephone number in San Francisco. They do not answer their telephone, but you can leave a voicemail.. However, Twitter does not return calls after polite messages are left.
We have contacts within a large number of venture funded tech startup companies, but Twitter is an exception. So we decided to physically go to the Twitter headquarters in San Francisco and attempt to charm my way in, to get some help. No luck there, either – a complete stonewall.
We wrote a blog post on my blog about this situation, which goes into more detail about my situation and asking other knowledgeable Twitter users for help. No luck, although it’s getting some good page view traffic.
We also posted a request for help at the new social networking phenomena Aardvark.com; again no luck or help available; a few suggestions but nothing worked.
Even Twitter VC’s at IVP blew off Startup Trek after we tried to persuade them to put us in touch with Twitter (probably once they realized the scale and severity of the issue)
How Twitter’s VC’s handled it
At Tony Perkins’ AlwaysOn “Venture Capital Summit at Stanford” two weeks ago, we met one of the General Partners at Institutional Venture Partners (IVP) of Menlo Park. He had dropped several times in his fireside chat talk that IVP was an early investor in Twitter; and I know one of the partners there. So I chatted with him after his talk, and he agreed to try and put me in touch with someone at Twitter who might be able to help. An initial email exchange with he (and another IVP partner, more directly involved with Twitter) seemed promising (alas! finally!! I said to myself).
Then, a few hours later (presumably after one of them spoke with Twitter management) the IVP General Partners turned the cold shoulder on Startup Trek, saying by email “if you gave out your password to a third-party service we can’t help you”. I think they know there is liability here, and it’s likely being discussed at the board level. We also noticed that IVP seems to have put a block on their email server, which rejects any further incoming emails from us. Thanks a bunch there guys!
The last email I sent IVP (while they were still listening), explained that each week millions of Twitter users are FORCED to give out their Twitter password to 3rd-party service providers who support Twitter users, because Twitter hasn’t provided an alternative. He responded with no email, just an email block so that I can no longer reach him by email. I was disappointed, but not surprised considering how purposefully Twitter seems to be avoiding their users, on this particular issue.
The mechanics of a Twitter hijacking
Now let’s review in some me detail how Twitter accounts come to be hijacked. Like most social networking services and websites, when you open an account you create a user ID and setup a password at Twitter.com. You then configure a home page (profile) at Twitter.com/USERID. In my case that page is at Twitter.com/StartupTrek. Everything is fine for the beginning Twitterer. But once you become more skillful and serious at using the service to communicate and learn, you begin to realize that there are many aspects that remain un-implemented, or grossly inadequate at the Twitter.com website.
As a result of Twitter being unable to implement features and capabilities fast enough to meet their users’ requirements hundreds (soon to be thousands, if not already) of third-party applications have sprung up around Twitter, from the TweetDeck.com client, to online Twitter directories, Marketing services, and even tech support forums. The problem is, that Twitter is designed in such a way that in order to USE these services, you MUST provide these third-party services with your Twitter password. As a practical matter, I would estimate that at least a third of Twitter’s users have been doing this as a necessity over the past six months.
Over the past month we’ve noticed a rash of Twitter stories in the media about users being “Hijacked”, including President Obama and some other high profile Twitter users. I would imagine those users were able to get some help from Twitter. But I suspect there are thousands, more likely tens of thousands (possibly more) ordinary business users like ourselves, out of the 40M+ registered Twitter users, who have been hijacked like this.
Where Twitter engineering made a mistaken assumption
Twitter’s mistake is that they have assumed that they can send you a password reset email to “the email address you registered with” to accomplish a password reset, so they have automated-only support on this issue. However, I believe that malicious users have somehow figured out how to “reset” (replace) that address in accounts they seize… and therein lies the rub.
Summarizing, and calling all class-action attorneys
Once again, we are big fans of the company Twitter and their social networking service. We’re really disappointed that they have chosen not to address this serious issue for their users, and even more disappointed that they refused to even have contact with their most enthusiastic members of their online community. Well, at least it’s better than LinkedIn, where proactively hostile, user-unfriendly “non-support” (usually in the form of snarky emails from support, that miss the point) are issued on a routine basis. So no support can be better than that. We’re dismayed that these cutting-edge, venture funded companies aren’t just a bit “friendlier”.
Startup Trek believes that a class action lawsuit against Twitter would attract many thousands of other ignored Twitter users like myself, who depend upon their Twitter accounts as a “business brand name” for their livelihoods. If you would have been seriously effected by this fundamental flaw in the Twitter service, please email or call Steve Bell, steve <at> startuptrek <dot> net (408) 410-3857. We have already submitted a detailed, 14-page description of our situation to a top class action law firm, but have not yet formally committed to selection of the firm that will handle this. So if you are a veteran class action attorney in a top firm, please contact us – quickly. We do not intend to dally in pursuing this, as our valuable brand name on Twitter erodes on a daily basis.
In the meantime, we look forward to the day when we can recover our account. Hopefully, we’ll solve this problem for a lot of other users in the process.
Business School Seniors in the School of Business at California Polytechnic University (San Luis Obispo CA; “Cal Poly”) enrolled in “Business 454″ are tackling the pre-launch planning for a new digital media production firm which will launch in January 2010 as “StartupTrek.TV”
