Micro-blogging giant Twitter has settled a case brought by the US Federal Trade Commission over alleged privacy breaches, the Wall Street Journal has reported.
The FTC filed a lawsuit against the social networking platform over serious security lapses that led to two high-profile incidents on the website last year.
The site's shortcomings allowed hackers to access the private Twitter account of then president-elect Barrack Obama.
In a blog post, Alexander Macgillivray, general counsel for Twitter, wrote: "Early in 2009, when Twitter employed less than 50 people, we faced two different security incidents that impacted a small number of users. Put simply, we were the victim of an attack and user accounts were improperly accessed."
Under the terms of the settlement, Twitter will institute an information security programme to be audited by a third party agency every year for next 10 years.
Twitter will also be required to make use of non-dictionary passwords, and protect its administrative controls with a new unique log-in page.
Macgillivray said: "Even before the agreement, we'd implemented many of the FTC's suggestions and the agreement formalises our commitment to those security practices."