Twitter 'Find on other networks' exposes secret accounts


When I gave Twitter access to my Gmail contacts, my address book was imported and compared to the registered emails used for Twitter accounts. Since only one Twitter account can be associated with any email address, in some cases, multiple accounts would come up for the same person. (I have about 40 email addresses for various domains, different purposes, single use, commenting, etc.)

Where this gets interesting is that when someone registers an account with one address (say their work email) and then needs to secure another account, say for a client or project, they need to use a different email. This 1:1 mapping exposes a secret if you are an agency player who registered an upcoming promotional Twitter account with one of your own emails (instead of setting up a dedicated email prior to deployment).



So what does this mean? It means that since I've validated myself as someone who probably knows you (since I have your email address in my contacts), Twitter goes ahead and shares all the accounts associated with my people.
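The matching behaviour described above, modelled as an added example (not Twitter's code and not from the original post): one account per email means a contact who holds several of your addresses gets back every account behind them. The `discoverable_by_email` setting, the function names and the sample data are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Account:
    handle: str
    email: str  # one account per email (the 1:1 rule in the post)
    discoverable_by_email: bool = True  # hypothetical per-account setting

def normalize(email):
    return email.strip().lower()

def build_index(accounts):
    # Email -> account; a second account on the same email is rejected.
    index = {}
    for acct in accounts:
        key = normalize(acct.email)
        if key in index:
            raise ValueError(f"email already registered: {key}")
        index[key] = acct
    return index

def find_contacts(address_book, index, honor_setting):
    # honor_setting=False: the behaviour the post describes (every match returned).
    # honor_setting=True: only accounts that opted in to email discovery.
    results = {}
    for name, emails in address_book.items():
        handles = set()
        for email in emails:
            acct = index.get(normalize(email))
            if acct and (acct.discoverable_by_email or not honor_setting):
                handles.add(acct.handle)
        if handles:
            results[name] = sorted(handles)
    return results

# Constructed sample data: Pat has two addresses and therefore two accounts.
ACCOUNTS = [
    Account("pat", "pat@work.example"),
    Account("client_promo", "Pat@home.example", discoverable_by_email=False),
    Account("sam", "sam@mail.example"),
]
ADDRESS_BOOK = {
    "Pat": ["pat@work.example", "pat@home.example"],
    "Sam": ["sam@mail.example"], "Lee": ["lee@unregistered.example"],
}

if __name__ == "__main__":
    for honor in (False, True):
        print(honor, find_contacts(ADDRESS_BOOK, build_index(ACCOUNTS), honor))
```

With the setting ignored, the uploader sees both of Pat's accounts grouped under one contact; with it honored, the unannounced promotional account stays out of the results.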

I think this is most relevant for agency and marketing types who will actually concern themselves with multiple accounts, multiple emails, different clients, etc. The average Joe or Josephine will not be affected (per se) but will still have the same access to the secret (or possibly wrong) information.

Now here's the kicker: Gmail adds every email address I've ever received mail from or sent mail to to my contacts. This means that if I'm a guy who does a lot of email and my address book (which could also be imported from anywhere) is bursting at the seams, I all of a sudden could actually get some interesting insight about who's doing what on Twitter.

Here's what I learned:
  • My dad has multiple Twitter accounts
  • A guy I know at an agency in Toronto has set up a promotional/contest Twitter account for one of his clients
  • A lawyer I hate for trying to sue me has an account with no identifying info (obviously just to creep on people and listen.) One day... Revenge will be mine!
  • MANY people I'm connected to via email have set up Twitter accounts but are likely not using them (indicated by no activity, no avatar, or both)
  • There's an account called twitter.com/chorke that has the email address mobile@facebook.com associated with it, and thus has thousands of followers who added that account thinking it was in their address book, when really it was the upload email address for Facebook for pictures, etc. Weird glitch in the matrix.

Anyway, it's not like I discovered the cure for cancer here, but for people in the right place at the right time, this could be information exposed that shouldn't be.

I thought about an image, but it's all email addresses and usernames and I didn't think that was cool.